
Log analysis and evaluation: Windows 10: Firefox automatically opens a tab with an advertising page


04.01.2016, 10:47   #1
Gnuschperli
 

Hello everyone

Today I started my computer as normal and opened Firefox, whereupon my last session came up as usual, but an advertisement opened in a new tab:
Code:
h**p://ih.adscale.de/adscale-ih/pup?v=2&iid=409101451844559677&hid=409&sid=NGY2MzQw&lb=node09.lb.adscale.de&nu=0&uu=418571451423751369&apaid=NWMzMDQw,OGFjMjAw&ssl=0&x=418571451423751369&ref=hxxp://www.spruechetante.de/sprueche-sammlung/index.php/tag/glueck-wuenschen/&iidx=02&pup=true&ws=http%3A%2F%2Fwww.spruechetante.de%2Fsprueche-sammlung%2Findex.php%2Ftag%2Fglueck-wuenschen%2Fpage%2F2%2F
         
Since that immediately seemed odd to me, I closed the browser completely and started it again, with the same result. The tabs in the open session are all reputable and never open advertisements directly. In the last few days I have neither done nor noticed anything unusual. For the moment I am using Chrome, where the problem does not occur.

Personally I don't consider this a particularly urgent case (and it is apparently limited to Firefox), but I am currently writing an extremely important paper, so I am somewhat, or rather very, paranoid and want to be on the safe side. I would therefore be very grateful for quick help, and I hope I am not getting on your nerves with my excess of caution.

FRST scan

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von Nutzername (Administrator) auf Nutzername-PC (04-01-2016 09:34:54)
Gestartet von C:\Users\Nutzername\Desktop
Geladene Profile: Nutzername &  (Verfügbare Profile: Nutzername & Gast)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(Sigmatel) C:\Windows\System\w98eject.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe\HxTsr.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-20] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-11] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-12-09] (Apple Inc.)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [2926800 2015-01-27] ()
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\MountPoints2: {e3c2411f-460a-11df-a569-00247ef24dba} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [2926800 2015-01-27] ()
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e3c2411f-460a-11df-a569-00247ef24dba} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [WallpaperStyle] 2
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\w98Eject.lnk [2012-05-18]
ShortcutTarget: w98Eject.lnk -> C:\Windows\System\w98eject.exe (Sigmatel)
Startup: C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-10-05]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-29] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-29] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-29] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-29] (Lavasoft Limited)
Winsock: Catalog9-x64 05 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-29] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a071c040-9ce7-4a7a-bf97-3ce0d539368f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c4aeb9d4-3ba0-4ad5-b4cf-635840139274}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome_first&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome_first&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = 
BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-09] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-09] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4260271641-664959227-3636034554-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nutzername\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-31] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nutzername\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-31] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default\searchplugins\yahoo-lavasoft.xml [2015-10-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-29] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-12-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-11-19]
FF HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext => nicht gefunden
FF HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext => nicht gefunden
FF HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => Keine Datei
CHR Plugin: (Skype Toolbars) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Nutzername\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google-Suche) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (DivX HiQ) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-03-01]
CHR Extension: (Avast Online Security) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-03-01]
CHR Extension: (Google Mail) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-11] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-06-03] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2009-06-03] (Validity Sensors, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-11] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\System32\drivers\bcmwl63al.sys [5170176 2015-10-30] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-04] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2012-05-23] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-07-23] (CyberLink Corp.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 09:34 - 2016-01-04 09:36 - 00039559 _____ C:\Users\Nutzername\Desktop\FRST.txt
2016-01-04 09:34 - 2016-01-04 09:34 - 00000000 ____D C:\FRST
2016-01-04 09:31 - 2016-01-04 09:34 - 02370560 _____ (Farbar) C:\Users\Nutzername\Desktop\FRST64.exe
2015-12-29 08:32 - 2015-12-29 08:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-21 17:00 - 2015-12-21 17:00 - 00709605 _____ C:\Users\Nutzername\Downloads\Merkblatt_Wohin_mit_den_Wertstoffen.pdf
2015-12-21 16:57 - 2015-12-21 16:57 - 00550487 _____ C:\Users\Nutzername\Downloads\Guesel_2015.pdf
2015-12-21 11:16 - 2015-12-21 11:16 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-21 11:16 - 2015-12-21 11:16 - 00000000 ____D C:\Program Files\CCleaner
2015-12-21 11:08 - 2015-12-21 11:08 - 00001852 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files\iTunes
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files\iPod
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-18 20:20 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 20:20 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 20:20 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 20:20 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 20:20 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 20:19 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 20:19 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 20:19 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 20:19 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 20:19 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 20:19 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 20:19 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 20:19 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 20:19 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 20:19 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 20:19 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 20:19 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 20:19 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 20:19 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 20:19 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 20:19 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 20:19 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 20:19 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 20:19 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 20:19 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 20:19 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 20:19 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 20:19 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 20:19 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 20:19 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 20:19 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 20:19 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 20:19 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 20:19 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 20:19 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 20:19 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 20:19 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 20:19 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 20:19 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 20:19 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 20:19 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 20:19 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 20:19 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 20:19 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 20:19 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 20:19 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 20:19 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 20:19 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 20:19 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 20:19 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 08:36 - 2015-12-17 08:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-12 10:26 - 2015-12-12 10:26 - 00000000 ____D C:\Users\Nutzername\AppData\Local\ActiveSync
2015-12-12 10:24 - 2015-12-12 10:24 - 00000020 ___SH C:\Users\Nutzername\ntuser.ini
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-12 04:43 - 2015-12-21 09:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-12 04:28 - 2015-12-12 04:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2015-12-12 04:19 - 2015-12-12 04:19 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-12 04:18 - 2015-12-12 04:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-12 04:15 - 2015-12-23 18:13 - 00000000 ____D C:\Users\Nutzername
2015-12-12 04:15 - 2015-12-12 04:38 - 00000000 ____D C:\Users\Gast
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Videos
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Vorlagen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Startmenü
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Netzwerkumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Lokale Einstellungen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Eigene Dateien
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Druckumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Videos
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Musik
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Bilder
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Local\Verlauf
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Local\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Anwendungsdaten
2015-12-12 04:11 - 2015-12-12 04:11 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____D C:\Program Files\IDT
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-12 04:10 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-12 04:10 - 2010-03-23 14:53 - 12772352 _____ (IDT, Inc.) C:\WINDOWS\system32\idtcpl64.cpl
2015-12-12 04:10 - 2010-03-23 14:53 - 03348480 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-12-12 04:10 - 2010-03-23 14:53 - 00564224 _____ (IDT, Inc.) C:\WINDOWS\system32\idt64mp1.exe
2015-12-12 04:10 - 2010-03-23 14:53 - 00487424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-12-12 04:10 - 2010-01-26 18:30 - 00162816 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-12-12 04:10 - 2009-10-09 16:45 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll
2015-12-12 04:10 - 2009-03-02 17:58 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll
2015-12-12 04:10 - 2009-03-02 17:47 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-12-12 04:09 - 2015-12-12 04:09 - 00000000 ____D C:\Program Files\Synaptics
2015-12-12 03:59 - 2015-12-21 12:01 - 00000000 ____D C:\Windows.old
2015-12-12 03:58 - 2015-12-12 03:58 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-12 03:58 - 2015-12-12 03:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-12 03:58 - 2015-12-12 03:58 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-12 03:58 - 2015-12-12 03:58 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-12 03:58 - 2015-12-12 03:58 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-12 03:58 - 2015-12-12 03:58 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-12 03:58 - 2015-12-12 03:58 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-12 03:56 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2015-12-12 03:56 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2015-12-12 03:56 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2015-12-12 03:56 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2015-12-12 03:55 - 2015-12-12 03:55 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-12 03:52 - 2015-12-12 04:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files\MSBuild
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-12 03:51 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-12 03:51 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-12 03:51 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-11 12:47 - 2015-12-12 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-11 00:34 - 2015-12-11 00:34 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-11 00:34 - 2015-12-11 00:34 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 09:34 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-04 09:32 - 2012-10-03 19:44 - 00000000 ____D C:\Users\Nutzername\Documents\Outlook-Dateien
2016-01-04 09:29 - 2010-05-02 12:08 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 09:15 - 2014-09-09 19:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-04 09:10 - 2015-06-17 07:59 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-04 09:02 - 2015-10-29 13:30 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5056D5AE-D540-4282-A3D9-3CE81CA5EE48}
2016-01-04 09:01 - 2014-07-04 12:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-04 09:00 - 2013-11-09 13:33 - 00000000 ___RD C:\Users\Nutzername\Dropbox
2016-01-04 08:59 - 2013-11-09 13:21 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Dropbox
2016-01-04 08:58 - 2015-06-17 07:59 - 00001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-04 08:58 - 2010-05-02 12:08 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-03 20:17 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-03 20:17 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-03 20:17 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-03 20:17 - 2015-08-02 17:51 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-01 18:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-31 08:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-30 09:09 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-30 09:08 - 2014-05-07 00:44 - 00002956 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4260271641-664959227-3636034554-1000
2015-12-29 08:15 - 2014-09-09 19:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 22:10 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-27 22:10 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-23 07:58 - 2012-10-03 18:45 - 00000000 ____D C:\Users\Nutzername\Nutzername
2015-12-21 12:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-21 11:08 - 2010-04-12 08:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-21 09:40 - 2012-05-07 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-21 09:36 - 2010-04-12 16:20 - 00000441 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-12-21 02:24 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 12:35 - 2014-09-24 13:35 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-19 12:35 - 2014-09-24 13:35 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-15 00:01 - 2013-10-29 09:37 - 00000000 __RDO C:\Users\Nutzername\SkyDrive
2015-12-14 10:42 - 2015-08-02 18:32 - 00002445 _____ C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 09:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-12 10:53 - 2015-08-07 19:16 - 00000000 ____D C:\Users\Nutzername\AppData\Local\PackageStaging
2015-12-12 10:53 - 2012-11-19 14:02 - 00000000 ____D C:\Users\Nutzername\AppData\Local\Packages
2015-12-12 10:47 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-12 10:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-12 10:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-12 10:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-12 10:24 - 2012-11-19 14:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-12 04:57 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-12 04:56 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-12 04:56 - 2013-10-29 03:30 - 00064773 _____ C:\WINDOWS\diagwrn.xml
2015-12-12 04:56 - 2013-10-29 03:30 - 00064773 _____ C:\WINDOWS\diagerr.xml
2015-12-12 04:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-12 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-12 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-12 04:43 - 2015-06-17 07:59 - 00003790 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-12 04:43 - 2015-06-17 07:59 - 00003562 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-12 04:43 - 2014-09-24 13:35 - 00002954 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-12 04:43 - 2014-03-05 15:02 - 00002304 _____ C:\WINDOWS\System32\Tasks\{6807955D-95F5-4432-972F-8A436B89A6AE}
2015-12-12 04:43 - 2012-11-19 14:12 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4260271641-664959227-3636034554-1000
2015-12-12 04:43 - 2012-11-19 13:12 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-12 04:43 - 2011-02-08 17:14 - 00002362 _____ C:\WINDOWS\System32\Tasks\{348F62FF-81FD-4927-A6C2-B88232295883}
2015-12-12 04:43 - 2011-01-12 18:49 - 00002026 _____ C:\WINDOWS\System32\Tasks\{0291DAD5-E7B8-40D2-9C0E-801870BB6F82}
2015-12-12 04:43 - 2010-05-02 12:08 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-12 04:43 - 2010-05-02 12:08 - 00003436 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-12 04:43 - 2010-04-12 09:22 - 00002180 _____ C:\WINDOWS\System32\Tasks\{0045FFD3-A467-4D80-9AF5-66B75135CC26}
2015-12-12 04:42 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-12-12 04:42 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-12 04:32 - 2015-11-19 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-12-12 04:32 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-12 04:32 - 2015-09-23 15:22 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stata 14
2015-12-12 04:32 - 2015-04-01 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2014 nP
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ____D C:\WINDOWS\en
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ____D C:\WINDOWS\de
2015-12-12 04:32 - 2014-04-05 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2013 nP
2015-12-12 04:32 - 2013-10-23 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-12 04:32 - 2013-03-27 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2012 nP
2015-12-12 04:32 - 2011-11-20 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-12-12 04:32 - 2011-03-01 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2015-12-12 04:32 - 2011-01-12 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 04:32 - 2010-04-27 12:53 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-12 04:32 - 2010-01-23 12:20 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:32 - 2009-12-01 21:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-12 04:32 - 2009-12-01 21:30 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:32 - 2009-09-04 13:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:32 - 2009-09-04 13:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2015-12-12 04:32 - 2009-08-25 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-12-12 04:28 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-12 04:23 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-12 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-12 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-12 04:23 - 2012-02-02 11:04 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-12 04:22 - 2011-10-13 20:51 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-12-12 04:20 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-12-12 04:20 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\System
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME
2015-12-12 04:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-12 04:20 - 2012-11-19 17:41 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-12 04:20 - 2009-08-25 10:31 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-12 04:19 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-12 04:19 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-12 04:19 - 2015-06-13 07:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
2015-12-12 04:19 - 2012-10-25 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-12-12 04:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-12-12 04:18 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-12-12 04:17 - 2009-12-01 21:30 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:16 - 2012-11-19 15:53 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-12-12 04:16 - 2010-01-23 12:20 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:14 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-12 04:07 - 2015-10-30 19:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-12 04:05 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-12 03:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-12 03:59 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-12 03:59 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-12 03:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-12 03:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-12 03:52 - 2015-10-30 08:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-12-11 12:47 - 2015-06-17 07:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-11 00:34 - 2014-09-24 13:35 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-10 17:35 - 2013-07-17 10:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 17:25 - 2010-04-12 15:51 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 08:43 - 2009-12-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft Help

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-20 09:51 - 2015-08-17 11:12 - 0011241 _____ () C:\Users\Nutzername\AppData\Roaming\Microsoft Excel 97-2003.CAL
2012-06-26 13:47 - 2012-06-26 13:47 - 0000000 _____ () C:\Users\Nutzername\AppData\Roaming\wklnhst.dat
2009-12-19 14:06 - 2009-12-19 14:06 - 0000024 _____ () C:\Users\Nutzername\AppData\Local\73648-88365-27475-00IP7-22847
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\AtStart.txt
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\DSwitch.txt
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\QSwitch.txt
2009-12-01 20:15 - 2014-11-12 09:42 - 0007597 _____ () C:\Users\Nutzername\AppData\Local\resmon.resmoncfg
2013-06-07 08:42 - 2013-06-07 08:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-03 21:44 - 2015-08-17 08:21 - 0000185 _____ () C:\ProgramData\HPWALog.txt
2010-04-12 14:32 - 2010-04-12 14:32 - 0004940 _____ () C:\ProgramData\mtbjfghn.xbe
2009-08-25 01:30 - 2009-08-25 01:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-09-04 12:23 - 2009-09-04 12:23 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-08-25 01:29 - 2009-08-25 01:29 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-09-04 12:16 - 2009-09-04 12:18 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-08-25 01:29 - 2009-08-25 01:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-08-25 01:30 - 2009-08-25 01:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-09-04 12:16 - 2009-09-04 12:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-04 12:18 - 2009-09-04 12:23 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-08-25 01:30 - 2009-08-25 01:30 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-25 12:43

==================== Ende von FRST.txt ============================
         
I can gladly supply the Addition file later if needed; unfortunately it was too large.

TDSSKiller and Mbam each found no threats; I can of course also supply the reports if needed.

I hope I have done everything correctly so far and that you can give me advice on how to proceed.

Many thanks for your help and kind regards
Gnuschperli

04.01.2016, 11:27   #2
cosinus

Hi,

please supply addition.txt

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

04.01.2016, 12:00   #3
Gnuschperli

Hi

Many thanks for the quick reply.

Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Nutzername (2016-01-04 09:37:40)
Gestartet von C:\Users\Nutzername\Desktop
Windows 10 Pro (X64) (2015-12-12 03:57:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4260271641-664959227-3636034554-500 - Administrator - Disabled)
Nutzername (S-1-5-21-4260271641-664959227-3636034554-1000 - Administrator - Enabled) => C:\Users\Nutzername
DefaultAccount (S-1-5-21-4260271641-664959227-3636034554-503 - Limited - Disabled)
Gast (S-1-5-21-4260271641-664959227-3636034554-501 - Limited - Disabled) => C:\Users\Gast

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B93CD779-D1C1-4B4D-A9E5-564A542C6DFD}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{F11053A9-C5E1-0218-918E-8B97A8DCF3EA}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
eTax.schwyz 2012 nP 11.0.4 (HKLM-x32\...\4623-6347-5575-7867) (Version: 11.0.4 - Information Factory AG)
eTax.schwyz 2013 nP 12.0.5 (HKLM-x32\...\0444-9509-4988-5221) (Version: 12.0.5 - Information Factory AG)
eTax.schwyz 2014 nP 1.6.0 (HKLM-x32\...\1036-5372-1441-3171) (Version: 1.6.0 - Information Factory AG)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
iTunes (HKLM\...\{8A4D15F4-2148-48DF-AC31-9513E5B734ED}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (HKLM-x32\...\{95140000-007C-0409-0000-0000000FF1CE}) (Version: 14.0.6114.5003 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.0 - pdfforge)
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Stata 14 (HKLM-x32\...\{BB31D61A-AFF4-4E2F-B9CD-611C2E51402A}) (Version: 14.0 - StataCorp LP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.120 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4260271641-664959227-3636034554-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03CA8F5A-3649-4F2E-B26C-8DAD6A01311B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {07243F2D-D6AC-4AE2-B315-0D83628CEFCA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {119785F1-27BC-4DF4-B2D3-3A3E6948D1FB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1269B979-F74B-4F25-9BE4-B3D8FCB5F900} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1380805F-C0EF-41BC-B758-0A50F7E4CA31} - System32\Tasks\{6807955D-95F5-4432-972F-8A436B89A6AE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {141EA52B-83CA-49ED-956F-27902DDCF191} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {15D92E41-195B-464C-94DC-5D5E8F0ABEFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {18124BA4-E7E8-4F68-A917-AA0648ECE488} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {24353665-E677-4B44-A4AF-8B43E9AFA27B} - System32\Tasks\{348F62FF-81FD-4927-A6C2-B88232295883} => pcalua.exe -a C:\Users\Nutzername\Sonstiges\Desktop\upd-PCL6-X64-5.2.5.9108.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {24BDB1F1-5DF8-47A8-9898-033718EAE188} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {24CE9859-9E31-4F14-AB7D-31BEA8FC4B73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2DE22C3F-D851-43FB-B607-17FD9473FBAE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {33B7F09B-9609-4B56-91F5-49DB63646213} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {363FC26D-9BE6-4E59-8E7E-91B0F98C058A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {393DE3B3-7A10-4267-A734-AB843C647496} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {3D5898BF-D365-4D1E-9F9E-2E961AD95A8A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3ED8AC47-53E0-4EF8-8098-32A341946282} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {470AE303-9ADC-42D4-97C7-08B11D8FA125} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {485AD369-0888-4F7E-831E-F230C9F86BA6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {51B04E1E-12A5-4E26-A3F4-323AA0897BC1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {523881B2-E01F-4F78-90EE-40371A936CBF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {5A286A29-191E-41B8-827A-4E3A9053A1DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B2D1129-24A7-4E2C-ABF7-2817F0A57815} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5F3CABBC-1CF5-4A35-84B6-8E2DA0CD18E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {63FFFC44-24F0-4CF0-B966-AFAD97999D11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {784A2529-2D4F-4F7C-89BA-A16490D2592A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {784DF3E2-0271-4249-B593-CC124440DCB6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E92F694-84EE-4862-ADCF-34825814C406} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2014-08-19] (Microsoft)
Task: {8CF59252-E2D5-404D-928C-8DAB3AEAE1A1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-11] (AVAST Software)
Task: {950473DE-7D6A-4CC4-82DA-CCC8C490C8CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-08-19] (Microsoft)
Task: {A5635BCB-B3B9-4BB3-B1B1-91804573F1BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A73CA112-7AB0-4977-A61E-B85E6DF07A0C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A7F173AE-0806-423B-B924-77736D5889FC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {AD1CC11A-E89E-4939-897C-D3F6BB572143} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {AF78A064-FED2-4883-84F0-B14D2C241899} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B7850CF2-89E9-443B-8935-C084015F6D35} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {BD58FF06-FD2B-494B-991A-69BEFD6DFD96} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {BE370D5D-65D9-4F0E-B683-873F09DE03EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C0B811C3-5631-4DC4-9B49-0C4172A74DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C4EDF36A-AE55-4994-BEAB-D040FC332D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CF256376-0909-40B7-86BE-891C217F3AFE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {D02CD671-903E-4352-AD86-2690A01D3328} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4260271641-664959227-3636034554-1000
Task: {D8686914-D19C-44C2-98A4-B434C58B4242} - System32\Tasks\{0291DAD5-E7B8-40D2-9C0E-801870BB6F82} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {E395392D-551C-45DE-A777-CE4956116B6C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E51DD0B3-6D31-4D87-9DF9-7E0EF495608F} - System32\Tasks\{0045FFD3-A467-4D80-9AF5-66B75135CC26} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {E6C59F4D-183D-40A5-B861-651EA1DAEA0A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {EA75D5B8-8509-401B-B377-BABB77D39E55} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EB8B0B8D-A5C5-44F8-B13B-F5C177B642BF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {ECD172F6-5E76-451C-BE64-33B77D1585E2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {F41A09EB-6007-4680-A529-31A5D3905EE5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {F95F4C9D-5A93-4C60-ABE4-FED84F1CCC56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\GetAssistance Maintenance Events => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe [2014-08-19] (Hewlett-Packard)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Nutzername\Desktop\age2.bat - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2.bat.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-18 20:19 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 20:20 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 20:19 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 20:20 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 20:20 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-01-27 13:18 - 2015-01-27 13:18 - 02926800 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2015-12-17 07:55 - 2015-12-18 20:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-11 00:34 - 2015-12-11 00:34 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-20 12:21 - 2015-12-20 12:21 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122000\algo.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-21 09:37 - 2015-12-21 09:37 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122001\algo.dll
2016-01-03 19:55 - 2016-01-03 19:55 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010301\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-11 12:46 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 12:46 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 12:46 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-11 12:46 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-05 13:55 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-11 12:46 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-11 12:46 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-11 12:46 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 12:46 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-11 12:46 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-17 08:01 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-17 08:00 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 07:11 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-17 08:01 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-12-17 07:55 - 2015-12-18 20:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 07:55 - 2015-12-18 20:22 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-17 08:29 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 08:29 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4260271641-664959227-3636034554-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\System32\oobe\info\backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "WirelessAssistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5BEC662C-4B51-40CC-9656-AC191EA35BC4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{FC31921F-1262-46F2-9DE9-62B33658EF36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34A2B52C-3F8B-482E-B73A-FB5601DFCCF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21FDCCDA-F728-4393-B96B-CE49B0CA12E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19954ABB-FF97-43F2-822B-6A7D7C4B0803}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{882178B3-237F-4B29-9956-1EB688A946BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E161262F-1A93-46F1-BCC5-C3BA75209B84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9C271B71-546C-4A40-BAB9-9C6676727CA2}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{59726D15-235B-4895-A9ED-ABC87A53DB40}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A25EBB2A-FFE9-4575-8AF6-6E28C881F1E4}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{15322E5B-8DDB-4B4B-B6B3-EA39A27BE34C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{DE3560A6-0A15-4197-A25B-D491D70D2C19}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{4D3F0424-40DD-4FA2-8261-A5B161896B6F}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{771CE044-51C7-42E8-AE49-4E7600AFB1E6}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{E193D1C3-A53F-433F-8699-540BD59DD352}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{F447CE99-386B-4D17-B876-1F0EA7DD755B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{4DF9E9FA-5E7E-4385-97DC-4A596373AEAF}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{A0CA4456-4F74-483D-8FD5-E19FF88C2F1B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{62757205-C62A-42A5-A00D-87345EE3707B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{5BF8CB5E-8C90-4BFC-A62B-55A5CA634A32}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{4C4F8715-E4DD-4520-9B90-2D6CD5203BC7}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{ACF4F0EE-BB24-40D3-A14E-6DB19A2023CB}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3y.exe
FirewallRules: [UDP Query User{855555CC-D66A-4261-9AF5-1BBD0DCB6575}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3y.exe
FirewallRules: [{8CFBC067-BE73-4873-A62B-5B5DFE372067}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{F53F9400-1E23-401B-861E-30827951328F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2DFF6612-94E2-4760-9E8A-7E4243256643}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6F21A671-E94E-4D45-9C86-3B8001DDF5B4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{15114B0A-9EAC-4061-BD64-7420DAD53C40}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{ABBD55D8-979C-4A93-B197-AD85174FD6BC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4E9D2DBB-6117-47A1-A538-F731B31FAF23}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9FE0A0E7-B094-43C9-B883-04283D4936A6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4008FEEF-A69E-45F5-9015-B5F71998ABEF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B66878B1-EBBA-4414-B103-37520989CF43}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86FBB7F7-9CD8-4D08-92BF-5E46802020C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6CCFBC0B-FD08-45E7-821F-1CDDF36FB0B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D621832C-F058-4A06-9A0C-4968365A1885}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D1C5D875-CD90-48DE-A0C1-27E1E55AA39E}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B3D92DC9-5AB0-4B71-846C-1F2A5D7C0707}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [TCP Query User{EF1F6B11-96F3-42EE-9769-5C7D8BE658E1}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B875AF11-FCF8-4333-831C-1DD00DACF79C}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [TCP Query User{1388A0EB-DA55-46A1-8CA4-9AC003461955}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{FF853FEF-B28F-4324-A129-148B2D633DAE}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7E97AAAA-74DD-43F3-BF77-67ACEE88AFE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8088293F-C0D4-4766-A31F-6EA3D2513FEF}] => (Allow) LPort=2869
FirewallRules: [{A1382CC5-F399-422C-8664-30D2C2EBD636}] => (Allow) LPort=1900
FirewallRules: [{0E6D1ECA-9575-44E6-80DA-E5F7AD9F4273}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{C97BFC02-898C-4D59-9FF1-37D010CA27CB}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{CC81A614-D3C4-44C8-83C6-D12C55899667}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{FDC2F744-B084-4675-844C-FD95B53F045F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0568165-4EBF-42CA-8F63-7EF40FF74FB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FAD7DBEE-2A04-4FBF-A860-819E6AFB2904}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E606FCB2-83EC-455A-965B-24EC5B4E1559}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8CD4BE3E-D8BE-496D-A180-52A2D8D6881B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8F6067D-9EB4-4B5E-B37F-F46D97140A9E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

22-12-2015 10:20:56 Windows Update
25-12-2015 13:04:29 Windows Update
27-12-2015 19:03:21 Windows-Sicherung
31-12-2015 09:45:07 Windows Update
03-01-2016 19:00:48 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/04/2016 09:30:34 AM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).

Error: (01/03/2016 08:15:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 08:08:14 AM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).

Error: (01/01/2016 06:41:49 PM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).

Error: (12/31/2015 12:11:58 PM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).


Systemfehler:
=============
Error: (01/04/2016 09:01:14 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/04/2016 02:35:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_1097115c erreicht.

Error: (01/04/2016 02:35:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1097115c erreicht.

Error: (01/04/2016 02:35:10 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _1097115c" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/04/2016 02:35:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1097115c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/04/2016 02:35:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1097115c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/04/2016 02:35:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1097115c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/04/2016 02:34:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1097115c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/04/2016 02:34:58 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/04/2016 01:03:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Hewlett-Packard  - Imaging, Other hardware - Null Fax - HP Photosmart 7520 series


CodeIntegrity:
===================================
  Date: 2015-12-30 13:24:38.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-21 09:37:10.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 10:36:19.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-17 07:50:21.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:43:03.963
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:39:11.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:08:19.510
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 4063.18 MB
Verfügbarer physikalischer RAM: 1586.96 MB
Summe virtueller Speicher: 8159.18 MB
Verfügbarer virtueller Speicher: 4825.86 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:675.96 GB) (Free:484.18 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:21.4 GB) (Free:9.44 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
Drive g: (My Passport) (Fixed) (Total:465.11 GB) (Free:39.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 9CB79060)
Partition 1: (Active) - (Size=455 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.1 GB) (Disk ID: 00021968)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Kind regards
Gnuschperli
__________________

04.01.2016, 12:15   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners: have they ever found anything?

The reason I'm asking => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post logs that already exist, in CODE tags!
Only logs from the last 7 days, or from the time the problem started, are relevant!



Quote:
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
I can only strongly advise against Avast. The Windows Defender included in Windows 10 is perfectly fine as a full-fledged virus scanner.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

04.01.2016, 12:25   #5
Gnuschperli

I had no detections in the last 7 days.

After the incident I scanned with TDSS and Mbam. The reports will follow shortly.


TDSS (part 1)
Code:
ATTFilter
10:09:58.0027 0x1ea0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:10:17.0244 0x1ea0  ============================================================
10:10:17.0244 0x1ea0  Current date / time: 2016/01/04 10:10:17.0244
10:10:17.0244 0x1ea0  SystemInfo:
10:10:17.0244 0x1ea0  
10:10:17.0244 0x1ea0  OS Version: 10.0.10586 ServicePack: 0.0
10:10:17.0244 0x1ea0  Product type: Workstation
10:10:17.0244 0x1ea0  ComputerName: Nutzername-PC
10:10:17.0245 0x1ea0  UserName: Nutzername
10:10:17.0245 0x1ea0  Windows directory: C:\WINDOWS
10:10:17.0245 0x1ea0  System windows directory: C:\WINDOWS
10:10:17.0245 0x1ea0  Running under WOW64
10:10:17.0245 0x1ea0  Processor architecture: Intel x64
10:10:17.0245 0x1ea0  Number of processors: 2
10:10:17.0245 0x1ea0  Page size: 0x1000
10:10:17.0245 0x1ea0  Boot type: Normal boot
10:10:17.0245 0x1ea0  ============================================================
10:10:17.0879 0x1ea0  KLMD registered as C:\WINDOWS\system32\drivers\98416047.sys
10:10:18.0468 0x1ea0  System UUID: {54F8BF24-FF03-6C8D-68ED-9B4A0DC86926}
10:10:19.0432 0x1ea0  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:10:19.0452 0x1ea0  Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 ( 465.11 Gb ), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:10:19.0454 0x1ea0  ============================================================
10:10:19.0454 0x1ea0  \Device\Harddisk0\DR0:
10:10:19.0454 0x1ea0  MBR partitions:
10:10:19.0454 0x1ea0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE3800
10:10:19.0454 0x1ea0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE4000, BlocksNum 0x547EBF14
10:10:19.0454 0x1ea0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54A78800, BlocksNum 0x2ACD6F0
10:10:19.0454 0x1ea0  \Device\Harddisk1\DR1:
10:10:19.0454 0x1ea0  MBR partitions:
10:10:19.0454 0x1ea0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
10:10:19.0454 0x1ea0  ============================================================
10:10:19.0486 0x1ea0  C: <-> \Device\Harddisk0\DR0\Partition2
10:10:19.0532 0x1ea0  D: <-> \Device\Harddisk0\DR0\Partition3
10:10:19.0832 0x1ea0  G: <-> \Device\Harddisk1\DR1\Partition1
10:10:19.0832 0x1ea0  ============================================================
10:10:19.0832 0x1ea0  Initialize success
10:10:19.0832 0x1ea0  ============================================================
10:10:53.0958 0x1920  ============================================================
10:10:53.0958 0x1920  Scan started
10:10:53.0958 0x1920  Mode: Manual; SigCheck; TDLFS; 
10:10:53.0958 0x1920  ============================================================
10:10:53.0958 0x1920  KSN ping started
10:10:54.0105 0x1920  KSN ping finished: true
10:10:58.0112 0x1920  ================ Scan system memory ========================
10:10:58.0112 0x1920  System memory - ok
10:10:58.0112 0x1920  ================ Scan services =============================
10:10:58.0297 0x1920  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:10:58.0502 0x1920  1394ohci - ok
10:10:58.0533 0x1920  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
10:10:58.0638 0x1920  3ware - ok
10:10:58.0676 0x1920  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
10:10:58.0738 0x1920  Accelerometer - ok
10:10:58.0791 0x1920  [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:10:58.0876 0x1920  ACPI - ok
10:10:58.0907 0x1920  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:10:58.0976 0x1920  acpiex - ok
10:10:59.0008 0x1920  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:10:59.0071 0x1920  acpipagr - ok
10:10:59.0092 0x1920  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
10:10:59.0192 0x1920  AcpiPmi - ok
10:10:59.0224 0x1920  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:10:59.0294 0x1920  acpitime - ok
10:10:59.0377 0x1920  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:10:59.0393 0x1920  AdobeARMservice - ok
10:10:59.0608 0x1920  [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:10:59.0617 0x1920  AdobeFlashPlayerUpdateSvc - ok
10:10:59.0708 0x1920  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:10:59.0831 0x1920  ADP80XX - ok
10:10:59.0940 0x1920  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe
10:10:59.0993 0x1920  AESTFilters - ok
10:11:00.0024 0x1920  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
10:11:00.0141 0x1920  AFD - ok
10:11:00.0178 0x1920  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
10:11:00.0240 0x1920  agp440 - ok
10:11:00.0280 0x1920  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:11:00.0378 0x1920  ahcache - ok
10:11:00.0409 0x1920  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
10:11:00.0441 0x1920  AJRouter - ok
10:11:00.0478 0x1920  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
10:11:00.0509 0x1920  ALG - ok
10:11:00.0540 0x1920  [ 7FE59496114A48A64E98E3218664A3E6, 1C11EE3686CB7F57783A5A5F56CCED71F61A46B26B0F4C4D04B1B37E8AC5A7D1 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:11:00.0593 0x1920  AMD External Events Utility - ok
10:11:00.0673 0x1920  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
10:11:00.0740 0x1920  AmdK8 - ok
10:11:01.0205 0x1920  [ E66C25946B3D9268D8E10D3769CF4719, C273A59D3A29549E3C8BBF896015CA0E5D64A4ECCD6C2FF360927773DA736022 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
10:11:01.0858 0x1920  amdkmdag - ok
10:11:01.0927 0x1920  [ D1D66D1D42E53B53AFC7598058E71796, 12A1C8D895891F89745493091174D3FF5A9953F21427E7E1BE1120DA762E0CBD ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
10:11:01.0980 0x1920  amdkmdap - ok
10:11:02.0011 0x1920  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
10:11:02.0079 0x1920  AmdPPM - ok
10:11:02.0126 0x1920  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
10:11:02.0180 0x1920  amdsata - ok
10:11:02.0211 0x1920  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:11:02.0258 0x1920  amdsbs - ok
10:11:02.0296 0x1920  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
10:11:02.0343 0x1920  amdxata - ok
10:11:02.0358 0x1920  [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
10:11:02.0412 0x1920  AppID - ok
10:11:02.0459 0x1920  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:11:02.0496 0x1920  AppIDSvc - ok
10:11:02.0527 0x1920  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
10:11:02.0558 0x1920  Appinfo - ok
10:11:02.0643 0x1920  [ BB6093AD659360CB350F4E84B445F36D, 16E16AD8E58C3777E2C858C8223BEB3CC9999E6FDCD23A0013C39AAADC54193C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:11:02.0643 0x1920  Apple Mobile Device - ok
10:11:02.0681 0x1920  [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:11:02.0728 0x1920  AppMgmt - ok
10:11:02.0743 0x2710  Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
10:11:02.0781 0x1920  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
10:11:02.0843 0x1920  AppReadiness - ok
10:11:02.0927 0x1920  [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
10:11:02.0959 0x2710  Object send P2P result: true
10:11:03.0059 0x1920  AppXSvc - ok
10:11:03.0097 0x1920  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:11:03.0181 0x1920  arcsas - ok
10:11:03.0197 0x1920  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
10:11:03.0244 0x1920  aswHwid - ok
10:11:03.0281 0x1920  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
10:11:03.0328 0x1920  aswMonFlt - ok
10:11:03.0344 0x1920  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
10:11:03.0382 0x1920  aswRdr - ok
10:11:03.0429 0x1920  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
10:11:03.0482 0x1920  aswRvrt - ok
10:11:03.0544 0x1920  [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
10:11:03.0629 0x1920  aswSnx - ok
10:11:03.0682 0x1920  [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
10:11:03.0745 0x1920  aswSP - ok
10:11:03.0782 0x1920  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
10:11:03.0798 0x1920  aswStm - ok
10:11:03.0829 0x1920  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
10:11:03.0882 0x1920  aswVmm - ok
10:11:03.0914 0x1920  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
10:11:03.0998 0x1920  AsyncMac - ok
10:11:04.0030 0x1920  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
10:11:04.0079 0x1920  atapi - ok
10:11:04.0098 0x1920  [ 04A5815DF7E8B037DF674D3CCACC0C31, BC49D6C135C50254BF952B790046BE364DFDDA786F1EACEE4CC8880B764B7A92 ] AtiHdmiService  C:\WINDOWS\system32\drivers\AtiHdmi.sys
10:11:04.0161 0x1920  AtiHdmiService - ok
10:11:04.0198 0x1920  [ 890BF20BDF500E4E84720EA84448EDDF, EF5EECA20FFB6B78277CE551877479DB79E91DB23B46530C1D0E746F0F51FBBF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:11:04.0245 0x1920  AudioEndpointBuilder - ok
10:11:04.0298 0x1920  [ FAC1E762CB49992381691B00D2069B3E, 9973814BB259A370E6A17EDFB785CED9C634721E6D6FE069667B669AE60EB5F6 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
10:11:04.0361 0x1920  Audiosrv - ok
10:11:04.0431 0x1920  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:11:04.0446 0x1920  avast! Antivirus - ok
10:11:04.0486 0x1920  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:11:04.0517 0x1920  AxInstSV - ok
10:11:04.0564 0x1920  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
10:11:04.0664 0x1920  b06bdrv - ok
10:11:04.0685 0x1920  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:11:04.0784 0x1920  BasicDisplay - ok
10:11:04.0802 0x1920  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
10:11:04.0849 0x1920  BasicRender - ok
10:11:04.0904 0x1920  [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
10:11:04.0920 0x1920  bcbtums - ok
10:11:05.0088 0x1920  [ 34CFED0DFCC0FECF4B5F817D54904E9B, 388107153B70C3107CE2DB72E319A15EF78A6BE776D155F5ECE9F9A64A3B8814 ] BCM43XX         C:\WINDOWS\System32\drivers\bcmwl63al.sys
10:11:05.0480 0x1920  BCM43XX - ok
10:11:05.0580 0x1920  [ ACB44407FF63C3A5A22AB5782F209604, 86BE221F07EB49D2149710CCCE4F0C24677560FEFD41F093C6D2BA0C962CF5C3 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
10:11:05.0680 0x1920  BcmBtRSupport - ok
10:11:05.0696 0x1920  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
10:11:05.0727 0x1920  bcmfn - ok
10:11:05.0746 0x1920  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
10:11:05.0796 0x1920  bcmfn2 - ok
10:11:05.0847 0x1920  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:11:05.0896 0x1920  BDESVC - ok
10:11:05.0912 0x1920  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:11:05.0981 0x1920  Beep - ok
10:11:06.0027 0x1920  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
10:11:06.0096 0x1920  BFE - ok
10:11:06.0165 0x1920  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
10:11:06.0250 0x1920  BITS - ok
10:11:06.0297 0x1920  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:11:06.0312 0x1920  Bonjour Service - ok
10:11:06.0350 0x1920  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:11:06.0413 0x1920  bowser - ok
10:11:06.0466 0x1920  [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:11:06.0529 0x1920  BrokerInfrastructure - ok
10:11:06.0550 0x1920  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
10:11:06.0582 0x1920  Browser - ok
10:11:06.0597 0x1920  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:11:06.0647 0x1920  BthAvrcpTg - ok
10:11:06.0651 0x1920  [ 7F2165B51C19A5F59BCA94E0A1B1E0D3, 09F0A23554761C5559BED50941BCC40519F88003B6D655527F514D5F9D4CB469 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:11:06.0752 0x1920  BthEnum - ok
10:11:06.0767 0x1920  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
10:11:06.0830 0x1920  BthHFEnum - ok
10:11:06.0851 0x1920  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
10:11:06.0914 0x1920  bthhfhid - ok
10:11:06.0956 0x1920  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
10:11:07.0003 0x1920  BthHFSrv - ok
10:11:07.0034 0x1920  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
10:11:07.0103 0x1920  BTHMODEM - ok
10:11:07.0134 0x1920  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
10:11:07.0203 0x1920  BthPan - ok
10:11:07.0257 0x1920  [ 6D75ECFB3891B61B81225F36A0C408B8, F0A08B40DBED7CB134671AA01AB0E5EEB7B1FE31331C857616E0204A3C8F08ED ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
10:11:07.0388 0x1920  BTHPORT - ok
10:11:07.0435 0x1920  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
10:11:07.0457 0x1920  bthserv - ok
10:11:07.0472 0x1920  [ F001B81D47CEBF96E60CE971FFCC45C4, EE419B557C52B0F1704B5D58E7FA9A996B33E78CC02EA4CA1D28CAB8CFD77D95 ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
10:11:07.0519 0x1920  BTHUSB - ok
10:11:07.0554 0x1920  [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
10:11:07.0619 0x1920  btwampfl - ok
10:11:07.0634 0x1920  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
10:11:07.0703 0x1920  buttonconverter - ok
10:11:07.0756 0x1920  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
10:11:07.0819 0x1920  CapImg - ok
10:11:07.0857 0x1920  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:11:07.0904 0x1920  cdfs - ok
10:11:07.0957 0x1920  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
10:11:08.0004 0x1920  CDPSvc - ok
10:11:08.0035 0x1920  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
10:11:08.0104 0x1920  cdrom - ok
10:11:18.0316 0x1920  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:11:18.0347 0x1920  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
10:11:18.0463 0x1920  Detect skipped due to KSN trusted
10:11:18.0463 0x1920  IDriverT - ok
10:11:24.0033 0x1920  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
10:11:24.0081 0x1920  MSDTC - ok
10:11:24.0112 0x1920  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:11:24.0180 0x1920  Msfs - ok
10:11:24.0211 0x1920  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
10:11:24.0265 0x1920  msgpiowin32 - ok
10:11:24.0297 0x1920  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:11:24.0349 0x1920  mshidkmdf - ok
10:11:24.0365 0x1920  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
10:11:24.0412 0x1920  mshidumdf - ok
10:11:24.0434 0x1920  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
10:11:24.0481 0x1920  msisadrv - ok
10:11:24.0512 0x1920  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
10:11:24.0565 0x1920  MSiSCSI - ok
10:11:24.0565 0x1920  msiserver - ok
10:11:24.0581 0x1920  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
10:11:24.0635 0x1920  MSKSSRV - ok
10:11:24.0666 0x1920  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
10:11:24.0713 0x1920  MsLldp - ok
10:11:24.0751 0x1920  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
10:11:24.0798 0x1920  MSPCLOCK - ok
10:11:24.0835 0x1920  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
10:11:24.0866 0x1920  MSPQM - ok
10:11:24.0882 0x1920  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
10:11:24.0936 0x1920  MsRPC - ok
10:11:24.0951 0x1920  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
10:11:25.0016 0x1920  mssmbios - ok
10:11:25.0036 0x1920  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
10:11:25.0083 0x1920  MSTEE - ok
10:11:25.0114 0x1920  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
10:11:25.0154 0x1920  MTConfig - ok
10:11:25.0185 0x1920  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
10:11:25.0216 0x1920  Mup - ok
10:11:25.0268 0x1920  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
10:11:25.0299 0x1920  mvumis - ok
10:11:25.0368 0x1920  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:11:25.0452 0x1920  NativeWifiP - ok
10:11:25.0499 0x1920  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
10:11:25.0537 0x1920  NcaSvc - ok
10:11:25.0568 0x1920  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
10:11:25.0615 0x1920  NcbService - ok
10:11:25.0637 0x1920  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
10:11:25.0700 0x1920  NcdAutoSetup - ok
10:11:25.0737 0x1920  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
10:11:25.0815 0x1920  ndfltr - ok
10:11:25.0884 0x1920  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
10:11:25.0969 0x1920  NDIS - ok
10:11:26.0000 0x1920  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
10:11:26.0038 0x1920  NdisCap - ok
10:11:26.0069 0x1920  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
10:11:26.0116 0x1920  NdisImPlatform - ok
10:11:26.0169 0x1920  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:11:26.0216 0x1920  NdisTapi - ok
10:11:26.0238 0x1920  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
10:11:26.0301 0x1920  Ndisuio - ok
10:11:26.0335 0x1920  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:11:26.0370 0x1920  NdisVirtualBus - ok
10:11:26.0385 0x1920  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
10:11:26.0470 0x1920  NdisWan - ok
10:11:26.0470 0x1920  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:11:26.0517 0x1920  ndiswanlegacy - ok
10:11:26.0539 0x1920  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
10:11:26.0601 0x1920  ndproxy - ok
10:11:26.0639 0x1920  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
10:11:26.0701 0x1920  Ndu - ok
10:11:26.0734 0x1920  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
10:11:26.0770 0x1920  NetBIOS - ok
10:11:26.0817 0x1920  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:11:26.0886 0x1920  NetBT - ok
10:11:26.0917 0x1920  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:11:26.0940 0x1920  Netlogon - ok
10:11:26.0971 0x1920  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
10:11:27.0018 0x1920  Netman - ok
10:11:27.0055 0x1920  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
10:11:27.0118 0x1920  netprofm - ok
10:11:27.0155 0x1920  [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
10:11:27.0202 0x1920  NetSetupSvc - ok
10:11:27.0256 0x1920  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:27.0287 0x1920  NetTcpPortSharing - ok
10:11:27.0340 0x1920  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
10:11:27.0387 0x1920  NgcCtnrSvc - ok
10:11:27.0439 0x1920  [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
10:11:27.0486 0x1920  NgcSvc - ok
10:11:27.0540 0x1920  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
10:11:27.0618 0x1920  NlaSvc - ok
10:11:27.0640 0x1920  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:11:27.0718 0x1920  Npfs - ok
10:11:27.0741 0x1920  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
10:11:27.0788 0x1920  npsvctrig - ok
10:11:27.0819 0x1920  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
10:11:27.0857 0x1920  nsi - ok
10:11:27.0888 0x1920  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
10:11:27.0919 0x1920  nsiproxy - ok
10:11:28.0035 0x1920  [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
10:11:28.0189 0x1920  NTFS - ok
10:11:28.0220 0x1920  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:11:28.0273 0x1920  Null - ok
10:11:28.0320 0x1920  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
10:11:28.0358 0x1920  nvraid - ok
10:11:28.0389 0x1920  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
10:11:28.0442 0x1920  nvstor - ok
10:11:28.0489 0x1920  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
10:11:28.0543 0x1920  nv_agp - ok
10:11:28.0590 0x1920  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
10:11:28.0643 0x1920  OneSyncSvc - ok
10:11:28.0721 0x1920  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:11:28.0743 0x1920  ose - ok
10:11:29.0006 0x1920  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:11:29.0250 0x1920  osppsvc - ok
10:11:29.0314 0x1920  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:11:29.0371 0x1920  p2pimsvc - ok
10:11:29.0411 0x1920  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
10:11:29.0449 0x1920  p2psvc - ok
10:11:29.0464 0x1920  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
10:11:29.0569 0x1920  Parport - ok
10:11:29.0601 0x1920  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
10:11:29.0656 0x1920  partmgr - ok
10:11:29.0703 0x1920  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
10:11:29.0756 0x1920  PcaSvc - ok
10:11:29.0772 0x1920  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
10:11:29.0835 0x1920  pci - ok
10:11:29.0857 0x1920  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
10:11:29.0920 0x1920  pciide - ok
10:11:29.0958 0x1920  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
10:11:30.0021 0x1920  pcmcia - ok
10:11:30.0058 0x1920  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
10:11:30.0105 0x1920  pcw - ok
10:11:30.0121 0x1920  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
10:11:30.0190 0x1920  pdc - ok
10:11:30.0230 0x1920  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
10:11:30.0359 0x1920  PEAUTH - ok
10:11:30.0459 0x1920  [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
10:11:30.0575 0x1920  PeerDistSvc - ok
10:11:30.0622 0x1920  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
10:11:30.0664 0x1920  percsas2i - ok
10:11:30.0679 0x1920  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
10:11:30.0762 0x1920  percsas3i - ok
10:11:30.0841 0x1920  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
10:11:30.0878 0x1920  PerfHost - ok
10:11:30.0963 0x1920  [ 8C5737B889752EC37B49D730C24FB80B, 0101AEBE3870B59BE69DBF20FDD307BEDB10A6DB21750E57B9BD3B1961386979 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
10:11:31.0026 0x1920  PhoneSvc - ok
10:11:31.0065 0x1920  [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
10:11:31.0112 0x1920  PimIndexMaintenanceSvc - ok
10:11:31.0212 0x1920  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
10:11:31.0327 0x1920  pla - ok
10:11:31.0362 0x1920  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
10:11:31.0397 0x1920  PlugPlay - ok
10:11:31.0428 0x1920  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
10:11:31.0466 0x1920  PNRPAutoReg - ok
10:11:31.0497 0x1920  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
10:11:31.0544 0x1920  PNRPsvc - ok
10:11:31.0568 0x1920  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
10:11:31.0615 0x1920  PolicyAgent - ok
10:11:31.0646 0x1920  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
10:11:31.0684 0x1920  Power - ok
10:11:31.0730 0x1920  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
10:11:31.0772 0x1920  PptpMiniport - ok
10:11:31.0947 0x1920  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
10:11:32.0148 0x1920  PrintNotify - ok
10:11:32.0187 0x1920  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
10:11:32.0272 0x1920  Processor - ok
10:11:32.0318 0x1920  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
10:11:32.0372 0x1920  ProfSvc - ok
10:11:32.0403 0x1920  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
10:11:32.0450 0x1920  Psched - ok
10:11:32.0488 0x1920  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
10:11:32.0535 0x1920  QWAVE - ok
10:11:32.0551 0x1920  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
10:11:32.0605 0x1920  QWAVEdrv - ok
10:11:32.0652 0x1920  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:11:32.0721 0x1920  RasAcd - ok
10:11:32.0752 0x1920  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
10:11:32.0820 0x1920  RasAgileVpn - ok
10:11:32.0867 0x1920  [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:11:32.0889 0x1920  RasAuto - ok
10:11:32.0905 0x1920  [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
10:11:32.0970 0x1920  Rasl2tp - ok
10:11:33.0005 0x1920  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:11:33.0074 0x1920  RasMan - ok
10:11:33.0090 0x1920  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:11:33.0152 0x1920  RasPppoe - ok
10:11:33.0175 0x1920  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
10:11:33.0237 0x1dc4  Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
10:11:33.0237 0x1920  RasSstp - ok
10:11:33.0275 0x1920  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:11:33.0337 0x1920  rdbss - ok
10:11:33.0373 0x1920  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
10:11:33.0437 0x1920  rdpbus - ok
10:11:33.0453 0x1920  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
10:11:33.0475 0x1dc4  Object send P2P result: true
10:11:33.0475 0x1dc4  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
10:11:33.0538 0x1920  RDPDR - ok
10:11:33.0570 0x1920  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:11:33.0622 0x1920  RdpVideoMiniport - ok
10:11:33.0653 0x1920  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:11:33.0707 0x1dc4  Object send P2P result: true
10:11:33.0707 0x1dc4  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
10:11:33.0707 0x1920  rdyboost - ok
10:11:33.0776 0x1920  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
10:11:33.0892 0x1920  ReFSv1 - ok
10:11:33.0907 0x1dc4  Object send P2P result: true
10:11:33.0923 0x1dc4  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
10:11:33.0939 0x1920  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:11:33.0992 0x1920  RemoteAccess - ok
10:11:34.0023 0x1920  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:11:34.0054 0x1920  RemoteRegistry - ok
10:11:34.0124 0x1920  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
10:11:34.0193 0x1dc4  Object send P2P result: true
10:11:34.0224 0x1920  RetailDemo - ok
10:11:34.0255 0x1920  [ 60BFD9EE962C87747A0EB648634281ED, 3E8610F597405944BFD42EE8C397818850BC7D97ACC14AC43B6E3632A1FB916C ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
10:11:34.0340 0x1920  RFCOMM - ok
10:11:34.0372 0x1920  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:11:34.0393 0x1920  RpcEptMapper - ok
10:11:34.0440 0x1920  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:11:34.0474 0x1920  RpcLocator - ok
10:11:34.0509 0x1920  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:11:34.0577 0x1920  RpcSs - ok
10:11:34.0609 0x1920  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
10:11:34.0655 0x1920  rspndr - ok
10:11:34.0694 0x1920  [ 91296F0B2653281B2F11E0FCE56AA427, 242B6049480F62673D79E822EC7AD83DBFA1D203F2519E765DD36ECF156A962A ] RTL8167         C:\WINDOWS\system32\DRIVERS\Rt64win7.sys
10:11:34.0773 0x1920  RTL8167 - ok
10:11:34.0794 0x1920  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
10:11:34.0841 0x1920  s3cap - ok
10:11:34.0882 0x1920  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:11:34.0898 0x1920  SamSs - ok
10:11:34.0929 0x1920  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:11:34.0983 0x1920  sbp2port - ok
10:11:35.0014 0x1920  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:11:35.0081 0x1920  SCardSvr - ok
10:11:35.0099 0x1920  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
10:11:35.0130 0x1920  ScDeviceEnum - ok
10:11:35.0183 0x1920  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:11:35.0215 0x1920  scfilter - ok
10:11:35.0299 0x1920  [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:11:35.0400 0x1920  Schedule - ok
10:11:35.0431 0x1920  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
10:11:35.0462 0x1920  SCPolicySvc - ok
10:11:35.0499 0x1920  [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
10:11:35.0546 0x1920  sdbus - ok
10:11:35.0589 0x1920  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
10:11:35.0636 0x1920  SDRSVC - ok
10:11:35.0667 0x1920  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
10:11:35.0704 0x1920  sdstor - ok
10:11:35.0736 0x1920  [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:11:35.0767 0x1920  seclogon - ok
         


04.01.2016, 12:27   #6
Gnuschperli

TDSS Part 2

Code:
10:11:39.0158 0x1920  SstpSvc - ok
10:11:39.0254 0x1920  [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV          C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\STacSV64.exe
10:11:39.0290 0x1920  STacSV - ok
10:11:39.0395 0x1920  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
10:11:39.0542 0x1920  StateRepository - ok
10:11:39.0574 0x1920  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:11:39.0627 0x1920  stexstor - ok
10:11:39.0674 0x1920  [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
10:11:39.0774 0x1920  STHDA - ok
10:11:39.0827 0x1920  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:11:39.0896 0x1920  stisvc - ok
10:11:39.0936 0x1920  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
10:11:39.0988 0x1920  storahci - ok
10:11:40.0028 0x1920  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
10:11:40.0072 0x1920  storflt - ok
10:11:40.0101 0x1920  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
10:11:40.0146 0x1920  stornvme - ok
10:11:40.0187 0x1920  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
10:11:40.0262 0x1920  storqosflt - ok
10:11:40.0323 0x1920  [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
10:11:40.0399 0x1920  StorSvc - ok
10:11:40.0422 0x1920  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
10:11:40.0474 0x1920  storufs - ok
10:11:40.0503 0x1920  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
10:11:40.0551 0x1920  storvsc - ok
10:11:40.0597 0x1920  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
10:11:40.0628 0x1920  svsvc - ok
10:11:40.0644 0x1920  [ 04CF20310145DEC63D5387BEAFF77D9A, 5017AF8C2DFBFE1F9946FF5AF229D62D141118EA923EEFA994EB4C7B52DEF208 ] SWDUMon         C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
10:11:40.0675 0x1920  SWDUMon - ok
10:11:40.0713 0x1920  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
10:11:40.0759 0x1920  swenum - ok
10:11:40.0797 0x1920  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
10:11:40.0860 0x1920  swprv - ok
10:11:40.0896 0x1920  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
10:11:40.0929 0x1920  Synth3dVsc - ok
10:11:40.0976 0x1920  [ F7E9360AD5252D2E295AB67D46B8FE4B, 40B33FA7A269A8AA7BE3281CBB0D7375382CDAFADFA06FBED12E8C73A450B656 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:11:41.0013 0x1920  SynTP - ok
10:11:41.0076 0x1920  [ 3EEDF446E29B6B8F7AD5AFA59B84800B, F79B8A3810C32A0F8B2690270585FBD374C25562AD5DD52D1DD9F0D612D2017C ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
10:11:41.0116 0x1920  SynTPEnhService - ok
10:11:41.0178 0x1920  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
10:11:41.0260 0x1920  SysMain - ok
10:11:41.0298 0x1920  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:11:41.0345 0x1920  SystemEventsBroker - ok
10:11:41.0398 0x1920  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:11:41.0445 0x1920  TabletInputService - ok
10:11:41.0476 0x1920  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:11:41.0529 0x1920  TapiSrv - ok
10:11:41.0614 0x1920  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
10:11:41.0799 0x1920  Tcpip - ok
10:11:41.0877 0x1920  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
10:11:42.0015 0x1920  Tcpip6 - ok
10:11:42.0062 0x1920  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:11:42.0125 0x1920  tcpipreg - ok
10:11:42.0157 0x1920  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
10:11:42.0215 0x1920  tdx - ok
10:11:42.0231 0x1920  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
10:11:42.0300 0x1920  terminpt - ok
10:11:42.0378 0x1920  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
10:11:42.0447 0x1920  TermService - ok
10:11:42.0463 0x1920  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
10:11:42.0501 0x1920  Themes - ok
10:11:42.0548 0x1920  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
10:11:42.0601 0x1920  TieringEngineService - ok
10:11:42.0632 0x1920  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
10:11:42.0701 0x1920  tiledatamodelsvc - ok
10:11:42.0717 0x1920  [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
10:11:42.0748 0x1920  TimeBroker - ok
10:11:42.0779 0x1920  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
10:11:42.0833 0x1920  TPM - ok
10:11:42.0880 0x1920  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:11:42.0902 0x1920  TrkWks - ok
10:11:42.0949 0x1920  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:11:43.0002 0x1920  TrustedInstaller - ok
10:11:43.0018 0x1920  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
10:11:43.0080 0x1920  tsusbflt - ok
10:11:43.0118 0x1920  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:11:43.0165 0x1920  TsUsbGD - ok
10:11:43.0202 0x1920  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
10:11:43.0233 0x1920  tunnel - ok
10:11:43.0264 0x1920  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
10:11:43.0302 0x1920  tzautoupdate - ok
10:11:43.0334 0x1920  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
10:11:43.0381 0x1920  uagp35 - ok
10:11:43.0403 0x1920  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
10:11:43.0450 0x1920  UASPStor - ok
10:11:43.0466 0x1920  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
10:11:43.0535 0x1920  UcmCx0101 - ok
10:11:43.0567 0x1920  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
10:11:43.0608 0x1920  UcmUcsi - ok
10:11:43.0671 0x1920  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
10:11:43.0721 0x1920  Ucx01000 - ok
10:11:43.0737 0x1920  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
10:11:43.0805 0x1920  UdeCx - ok
10:11:43.0837 0x1920  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:11:43.0948 0x1920  udfs - ok
10:11:43.0979 0x1920  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
10:11:44.0006 0x1920  UEFI - ok
10:11:44.0068 0x1920  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
10:11:44.0152 0x1920  Ufx01000 - ok
10:11:44.0184 0x1920  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
10:11:44.0222 0x1920  UfxChipidea - ok
10:11:44.0238 0x1920  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
10:11:44.0284 0x1920  ufxsynopsys - ok
10:11:44.0322 0x1920  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
10:11:44.0369 0x1920  UI0Detect - ok
10:11:44.0385 0x1920  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
10:11:44.0438 0x1920  uliagpkx - ok
10:11:44.0454 0x1920  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
10:11:44.0522 0x1920  umbus - ok
10:11:44.0538 0x1920  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
10:11:44.0585 0x1920  UmPass - ok
10:11:44.0622 0x1920  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:11:44.0669 0x1920  UmRdpService - ok
10:11:44.0728 0x1920  [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
10:11:44.0823 0x1920  UnistoreSvc - ok
10:11:44.0854 0x1920  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:11:44.0907 0x1920  upnphost - ok
10:11:44.0923 0x1920  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
10:11:44.0970 0x1920  UrsChipidea - ok
10:11:45.0007 0x1920  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
10:11:45.0085 0x1920  UrsCx01000 - ok
10:11:45.0107 0x1920  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
10:11:45.0170 0x1920  UrsSynopsys - ok
10:11:45.0203 0x1920  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
10:11:45.0238 0x1920  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
10:11:45.0338 0x1920  Detect skipped due to KSN trusted
10:11:45.0338 0x1920  USBAAPL64 - ok
10:11:54.0306 0x1920  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:11:54.0357 0x1920  WpdUpFltr - ok
10:11:54.0384 0x1920  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
10:11:54.0435 0x1920  WpnService - ok
10:11:54.0473 0x1920  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:11:54.0530 0x1920  ws2ifsl - ok
10:11:54.0579 0x1920  [ FB45052D7C13963465DFF8D56746B10B, 21B0DC0D383061CEF079586AE8E2FD5E8BBA22B8494666F14D5A8591275943E5 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
10:11:54.0658 0x1920  wscsvc - ok
10:11:54.0666 0x1920  WSearch - ok
10:11:54.0886 0x1920  [ A904D7950ED275273357AA7B1EAE445F, 0E41EA26A923FCE7072CC7DDDDB852E54C95992E01A79C67D1D544B1CB1E18DA ] WSService       C:\WINDOWS\System32\WSService.dll
10:11:55.0085 0x1920  WSService - ok
10:11:55.0209 0x1920  [ C2D78B6667E0341802C4F38E9C02F93D, D2639EF935C5C5BCFECF1BDACC1BA480786A810084EEB62B7C5A0E57618FCCE1 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:11:55.0388 0x1920  wuauserv - ok
10:11:55.0422 0x1920  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:11:55.0494 0x1920  WudfPf - ok
10:11:55.0528 0x1920  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
10:11:55.0611 0x1920  WUDFRd - ok
10:11:55.0640 0x1920  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
10:11:55.0680 0x1920  wudfsvc - ok
10:11:55.0693 0x1920  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:11:55.0753 0x1920  WUDFWpdFs - ok
10:11:55.0935 0x1920  [ 2D7E3C2913AAE063774795E6790BCC48, 686CF1CE1CF2553236E0983CBF283D841FB5FBB998C33D97FBB5D7A83EF83867 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
10:11:56.0061 0x1920  WwanSvc - ok
10:11:56.0121 0x1920  [ 7443938BC4B8DCE1D8E6C51BC3F9DBFE, F2D41BFB2303AEAE39A33E6873A9C07DEF9090CA6D5602B2D232C59D1899D620 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
10:11:56.0230 0x1920  XblAuthManager - ok
10:11:56.0307 0x1920  [ FACC53D144952319038FAE7442FCC045, 8BCA4ADC5162FC12AF2A88A8A570DA9DAB80AE9B62C873A2121EBAF8AA9FBA98 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
10:11:56.0416 0x1920  XblGameSave - ok
10:11:56.0465 0x1920  [ 80BC02A73A3949A7AEF34791206C7D7F, 41E547EFC722D3E01CD8E261FA233D8C799FC59A9C5320B7FD65B09831373CDB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
10:11:56.0551 0x1920  xboxgip - ok
10:11:56.0642 0x1920  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
10:11:56.0747 0x1920  XboxNetApiSvc - ok
10:11:56.0770 0x1920  [ 1F1EF8E701859581251B52035C1C1CEF, 3A7D3EC619A7F45FBB04EDA6963E3C55DC50358CF2D71ED66EE4BB07ACC0EE3C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
10:11:56.0822 0x1920  xinputhid - ok
10:11:57.0151 0x1920  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
10:11:57.0502 0x1920  ZuneNetworkSvc - ok
10:11:57.0590 0x1920  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:11:57.0651 0x1920  ZuneWlanCfgSvc - ok
10:11:57.0712 0x1920  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
10:11:57.0793 0x1920  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
10:11:57.0794 0x1920  ================ Scan global ===============================
10:11:57.0839 0x1920  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
10:11:57.0871 0x1920  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
10:11:57.0912 0x1920  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
10:11:57.0946 0x1920  [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
10:11:57.0964 0x1920  [ Global ] - ok
10:11:57.0965 0x1920  ================ Scan MBR ==================================
10:11:57.0989 0x1920  [ EF476F4B0A5FBF8C094462D4142E5D10 ] \Device\Harddisk0\DR0
10:11:58.0522 0x1920  \Device\Harddisk0\DR0 - ok
10:11:58.0527 0x1920  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:11:58.0931 0x1920  \Device\Harddisk1\DR1 - ok
10:11:58.0937 0x1920  ================ Scan VBR ==================================
10:11:58.0970 0x1920  [ 04B41A7D43407F3E9A407935E49803A8 ] \Device\Harddisk0\DR0\Partition1
10:11:58.0988 0x1920  \Device\Harddisk0\DR0\Partition1 - ok
10:11:58.0992 0x1920  [ 1B03D81F8EA3D5442BE8065ECBC2CC2B ] \Device\Harddisk0\DR0\Partition2
10:11:58.0995 0x1920  \Device\Harddisk0\DR0\Partition2 - ok
10:11:59.0002 0x1920  [ 33EAE03D95F0A31E0A2BF136DA409BAC ] \Device\Harddisk0\DR0\Partition3
10:11:59.0004 0x1920  \Device\Harddisk0\DR0\Partition3 - ok
10:11:59.0011 0x1920  [ 3E9ED8BA9371D62F2A83D8D1920F2C49 ] \Device\Harddisk1\DR1\Partition1
10:11:59.0047 0x1920  \Device\Harddisk1\DR1\Partition1 - ok
10:11:59.0047 0x1920  ================ Scan generic autorun ======================
10:11:59.0096 0x1920  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
10:11:59.0171 0x1920  SysTrayApp - ok
10:11:59.0199 0x1920  [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files\Zune\ZuneLauncher.exe
10:11:59.0220 0x1920  Zune Launcher - ok
10:11:59.0222 0x1920  SynTPEnh - ok
10:11:59.0311 0x1920  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:11:59.0357 0x1920  Adobe ARM - ok
10:11:59.0483 0x1920  [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:11:59.0496 0x1920  APSDaemon - ok
10:11:59.0559 0x1920  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
10:11:59.0577 0x1920  BCSSync - ok
10:11:59.0654 0x1920  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
10:11:59.0671 0x1920  HPCam_Menu - ok
10:11:59.0720 0x1920  [ 8F89E6CB82E6DB45BC993D423CD0FDBD, 254DD6E7EBCD1BAEE8DB5AD34451B66241DCCE6496D440400DA092C9C867F165 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
10:11:59.0741 0x1920  QlbCtrl.exe - ok
10:11:59.0790 0x1920  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
10:11:59.0808 0x1920  UpdatePRCShortCut - ok
10:11:59.0853 0x1920  [ DA4ED31DD43ABB0AF99888E236FFDB91, EFB8639A4854A8CB1516639DD032ADFD5AE58082880078115EE1AFB71C9696AF ] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
10:11:59.0878 0x1920  WirelessAssistant - ok
10:11:59.0948 0x1920  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
10:11:59.0978 0x1920  HP Software Update - ok
10:12:00.0623 0x1920  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:12:01.0050 0x1920  OneDriveSetup - ok
10:12:01.0317 0x1920  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:12:01.0627 0x1920  OneDriveSetup - ok
10:12:01.0794 0x1920  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
10:12:01.0893 0x1920  HP Photosmart 7520 series (NET) - ok
10:12:01.0937 0x1920  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
10:12:01.0983 0x1920  OfficeSyncProcess - ok
10:12:02.0191 0x1920  [ 2E0CF98623181D40BF79558387875F35, BC0E204D36CAF4864FD93A8FE260468320B7F5936ED338DF77DDE9A774C8C964 ] C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
10:12:02.0361 0x1920  FileHippo.com - ok
10:12:02.0511 0x1920  [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:12:02.0555 0x1920  OneDrive - ok
10:12:02.0971 0x1920  [ 40335C8877B6B84842AF03A40E1BB206, 33433ED8961B1AEEBD30F8DD53A541C711C403D019F1074406FF9C9D1E9F4113 ] C:\Program Files\CCleaner\CCleaner64.exe
10:12:03.0446 0x1920  CCleaner Monitoring - ok
10:12:04.0298 0x1920  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
10:12:04.0393 0x1920  Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 - ok
10:12:04.0421 0x1920  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
10:12:04.0463 0x1920  Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1 - ok
10:12:04.0495 0x1920  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
10:12:04.0537 0x1920  Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok
10:12:04.0840 0x1920  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:12:05.0224 0x1920  OneDriveSetup - ok
10:12:05.0685 0x1920  [ 83617B22205AE74AA31FF3CC145E2132, 5684D6523922A662799B408D8BC26FFC7D2212F633B82045919562F30C224F1E ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
10:12:05.0864 0x1920  msnmsgr - ok
10:12:05.0965 0x1920  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
10:12:06.0050 0x1920  WAB Migrate - ok
10:12:06.0054 0x1920  Waiting for KSN requests completion. In queue: 242
10:12:06.0188 0x0a98  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
10:12:06.0454 0x0a98  Object send P2P result: true
10:12:06.0459 0x0a98  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
10:12:06.0665 0x0a98  Object send P2P result: true
10:12:06.0677 0x0a98  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
10:12:06.0880 0x0a98  Object send P2P result: true
10:12:06.0895 0x0a98  Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:12:07.0054 0x1920  Waiting for KSN requests completion. In queue: 7
10:12:07.0097 0x0a98  Object send P2P result: true
10:12:07.0097 0x0a98  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
10:12:07.0289 0x0a98  Object send P2P result: true
10:12:07.0289 0x0a98  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
10:12:07.0525 0x0a98  Object send P2P result: true
10:12:07.0525 0x0a98  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
10:12:07.0755 0x0a98  Object send P2P result: true
10:12:08.0141 0x1920  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
10:12:08.0162 0x1920  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
10:12:08.0171 0x1920  Win FW state via NFP2: enabled ( trusted )
10:12:08.0383 0x1920  ============================================================
10:12:08.0383 0x1920  Scan finished
10:12:08.0383 0x1920  ============================================================
10:12:08.0407 0x1818  Detected object count: 0
10:12:08.0407 0x1818  Actual detected object count: 0
         
Mbam

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 04.01.2016
Suchlaufzeit: 09:01
Protokolldatei: Suchlauf_mbam_040116_930.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.04.01
Rootkit-Datenbank: v2015.12.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Nutzername

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 439533
Abgelaufene Zeit: 43 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

04.01.2016, 12:34   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Have you uninstalled Avast yet?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

04.01.2016, 12:46   #8
Gnuschperli

Quote:
Quote from cosinus
Have you uninstalled Avast yet?

Not yet. Should I?

04.01.2016, 15:16   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That is what one should conclude if one reads my posts properly.

04.01.2016, 15:28   #10
Gnuschperli

Quote:
Quote from cosinus
That is what one should conclude if one reads my posts properly.

Whoops... completely overlooked that. Sorry.
Thanks for the tip. I'm not quite decided about the virus scanner. You read one thing here and another there. I used to use Avira, but was no longer satisfied with it at all and therefore switched to Avast.

I will probably follow the recommendation, though. What else should I do? There doesn't seem to be any threat present. Just delete cookies etc. in Firefox? It almost has to come from there, in my layman's opinion...

04.01.2016, 15:29   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

You can take care of that once we are done here.

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop!
Please completely disable your virus scanner now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input window)


04.01.2016, 18:25   #12
Gnuschperli



AdwCleaner

Code:
ATTFilter
# AdwCleaner v5.027 - Bericht erstellt am 04/01/2016 um 17:45:47
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Nutzername
# Gestartet von : C:\Users\Nutzername\Desktop\AdwCleaner_5.027.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : swdumon

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Nutzername\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\Nutzername\AppData\Local\slimware utilities inc

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default\searchplugins\yahoo-lavasoft.xml
[-] Datei Gelöscht : C:\WINDOWS\SysNative\drivers\swdumon.sys
[-] Datei Gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\SlimWare Utilities Inc
[-] Schlüssel Gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1C42C71A-D478-4F5C-BFBC-27A7A486FFCF}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1C42C71A-D478-4F5C-BFBC-27A7A486FFCF}

***** [ Internetbrowser ] *****

[-] [C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&type=827316&ilc=12");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2924 Bytes] ##########
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64 
Ran by Nutzername (Administrator) on 04.01.2016 at 18:01:49.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7 

Successfully deleted: C:\ProgramData\pc drivers headquarters (Folder) 
Successfully deleted: C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default\gm_scripts\DS_-_Arrival_Date_CH_+_DE-1\53207.user.js (File) 
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder) 
Successfully deleted: C:\WINDOWS\SysWOW64\FAP20A4.tmp (File) 
Successfully deleted: C:\WINDOWS\SysWOW64\FAP2400.tmp (File) 
Successfully deleted: C:\WINDOWS\SysWOW64\FAP253A.tmp (File) 
Successfully deleted: C:\WINDOWS\SysWOW64\FAP2684.tmp (File) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\First Home Page (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2016 at 18:09:28.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
New FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von Nutzername (Administrator) auf Nutzername-PC (04-01-2016 18:18:27)
Gestartet von C:\Users\Nutzername\Desktop
Geladene Profile: Nutzername (Verfügbare Profile: Nutzername & Gast)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-20] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-11] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-12-09] (Apple Inc.)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [2926800 2015-01-27] ()
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\RunOnce: [Uninstall C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\MountPoints2: {e3c2411f-460a-11df-a569-00247ef24dba} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\w98Eject.lnk [2012-05-18]
ShortcutTarget: w98Eject.lnk -> C:\Windows\System\w98eject.exe (Sigmatel)
Startup: C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-10-05]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a071c040-9ce7-4a7a-bf97-3ce0d539368f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c4aeb9d4-3ba0-4ad5-b4cf-635840139274}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
SearchScopes: HKLM -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-09] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Nutzername\AppData\Roaming\Mozilla\Firefox\Profiles\g09m4yg0.default
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-09] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4260271641-664959227-3636034554-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nutzername\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-31] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-12-29] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-12-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-11-19]
FF HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => Keine Datei
CHR Plugin: (Skype Toolbars) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Nutzername\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google-Suche) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (DivX HiQ) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-03-01]
CHR Extension: (Avast Online Security) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-03-01]
CHR Extension: (Google Mail) - C:\Users\Nutzername\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-11] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-06-03] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2009-06-03] (Validity Sensors, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-11] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\System32\drivers\bcmwl63al.sys [5170176 2015-10-30] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-07-23] (CyberLink Corp.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 18:09 - 2016-01-04 18:09 - 00001437 _____ C:\Users\Nutzername\Desktop\JRT.txt
2016-01-04 18:00 - 2016-01-04 18:01 - 01599336 _____ (Malwarebytes) C:\Users\Nutzername\Desktop\JRT.exe
2016-01-04 17:58 - 2016-01-04 17:58 - 00003007 _____ C:\Users\Nutzername\Desktop\AdwCleaner[C3].txt
2016-01-04 17:52 - 2016-01-04 17:53 - 00361392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-04 16:09 - 2016-01-04 17:35 - 01745920 _____ C:\Users\Nutzername\Desktop\AdwCleaner_5.027.exe
2016-01-04 10:25 - 2016-01-04 10:26 - 00135479 _____ C:\Users\Nutzername\Desktop\TDSS_log040116_1025.txt
2016-01-04 10:09 - 2016-01-04 10:48 - 00271056 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_10.09.58_log.txt
2016-01-04 10:08 - 2016-01-04 10:09 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Nutzername\Desktop\tdsskiller.exe
2016-01-04 09:48 - 2016-01-04 09:48 - 00001217 _____ C:\Users\Nutzername\Desktop\Suchlauf_mbam_040116_930.txt
2016-01-04 09:34 - 2016-01-04 18:18 - 00030570 _____ C:\Users\Nutzername\Desktop\FRST.txt
2016-01-04 09:34 - 2016-01-04 18:18 - 00000000 ____D C:\FRST
2016-01-04 09:31 - 2016-01-04 09:34 - 02370560 _____ (Farbar) C:\Users\Nutzername\Desktop\FRST64.exe
2015-12-29 08:32 - 2016-01-04 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-21 17:00 - 2015-12-21 17:00 - 00709605 _____ C:\Users\Nutzername\Downloads\Merkblatt_Wohin_mit_den_Wertstoffen.pdf
2015-12-21 16:57 - 2015-12-21 16:57 - 00550487 _____ C:\Users\Nutzername\Downloads\Guesel_2015.pdf
2015-12-21 11:16 - 2015-12-21 11:16 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-21 11:16 - 2015-12-21 11:16 - 00000000 ____D C:\Program Files\CCleaner
2015-12-21 11:08 - 2015-12-21 11:08 - 00001852 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files\iTunes
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files\iPod
2015-12-21 11:08 - 2015-12-21 11:08 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-18 20:20 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 20:20 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 20:20 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 20:20 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 20:20 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 20:19 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 20:19 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 20:19 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 20:19 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 20:19 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 20:19 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 20:19 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 20:19 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 20:19 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 20:19 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 20:19 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 20:19 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 20:19 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 20:19 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 20:19 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 20:19 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 20:19 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 20:19 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 20:19 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 20:19 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 20:19 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 20:19 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 20:19 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 20:19 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 20:19 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 20:19 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 20:19 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 20:19 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 20:19 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 20:19 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 20:19 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 20:19 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 20:19 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 20:19 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 20:19 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 20:19 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 20:19 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 20:19 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 20:19 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 20:19 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 20:19 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 20:19 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 20:19 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 20:19 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 20:19 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 20:19 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 20:19 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 20:19 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 20:19 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 20:19 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 20:19 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 20:19 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 20:19 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 08:36 - 2015-12-17 08:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-12 10:26 - 2015-12-12 10:26 - 00000000 ____D C:\Users\Nutzername\AppData\Local\ActiveSync
2015-12-12 10:24 - 2015-12-12 10:24 - 00000020 ___SH C:\Users\Nutzername\ntuser.ini
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-12 04:56 - 2015-12-12 04:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-12 04:43 - 2016-01-04 17:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-12 04:28 - 2015-12-12 04:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2015-12-12 04:28 - 2015-12-12 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2015-12-12 04:19 - 2015-12-12 04:19 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-12 04:18 - 2015-12-12 04:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-12 04:15 - 2015-12-23 18:13 - 00000000 ____D C:\Users\Nutzername
2015-12-12 04:15 - 2015-12-12 04:38 - 00000000 ____D C:\Users\Gast
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Videos
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Vorlagen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Startmenü
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Netzwerkumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Lokale Einstellungen
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Eigene Dateien
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Druckumgebung
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Videos
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Musik
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Documents\Eigene Bilder
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Local\Verlauf
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\AppData\Local\Anwendungsdaten
2015-12-12 04:15 - 2015-12-12 04:15 - 00000000 _SHDL C:\Users\Nutzername\Anwendungsdaten
2015-12-12 04:11 - 2015-12-12 04:11 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 ____D C:\Program Files\IDT
2015-12-12 04:10 - 2015-12-12 04:10 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-12 04:10 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-12 04:10 - 2010-03-23 14:53 - 12772352 _____ (IDT, Inc.) C:\WINDOWS\system32\idtcpl64.cpl
2015-12-12 04:10 - 2010-03-23 14:53 - 03348480 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-12-12 04:10 - 2010-03-23 14:53 - 00564224 _____ (IDT, Inc.) C:\WINDOWS\system32\idt64mp1.exe
2015-12-12 04:10 - 2010-03-23 14:53 - 00487424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-12-12 04:10 - 2010-01-26 18:30 - 00162816 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-12-12 04:10 - 2009-10-09 16:45 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll
2015-12-12 04:10 - 2009-03-02 17:58 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll
2015-12-12 04:10 - 2009-03-02 17:47 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-12-12 04:09 - 2015-12-12 04:09 - 00000000 ____D C:\Program Files\Synaptics
2015-12-12 03:59 - 2015-12-21 12:01 - 00000000 ____D C:\Windows.old
2015-12-12 03:58 - 2015-12-12 03:58 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-12 03:58 - 2015-12-12 03:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-12 03:58 - 2015-12-12 03:58 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-12 03:58 - 2015-12-12 03:58 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-12 03:58 - 2015-12-12 03:58 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-12 03:58 - 2015-12-12 03:58 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-12 03:58 - 2015-12-12 03:58 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-12 03:58 - 2015-12-12 03:58 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-12 03:58 - 2015-12-12 03:58 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-12 03:56 - 2015-10-29 19:43 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2015-12-12 03:56 - 2015-10-29 19:41 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2015-12-12 03:56 - 2015-10-29 19:30 - 02354176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2015-12-12 03:56 - 2015-10-29 19:27 - 02268672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2015-12-12 03:55 - 2015-12-12 03:55 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-12 03:52 - 2015-12-12 04:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files\MSBuild
2015-12-12 03:52 - 2015-12-12 03:52 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-12 03:51 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-12 03:51 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-12 03:51 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-12 03:51 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-11 12:47 - 2015-12-12 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-11 00:34 - 2015-12-11 00:34 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-11 00:34 - 2015-12-11 00:34 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 18:15 - 2014-09-09 19:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-04 18:10 - 2015-06-17 07:59 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-04 18:00 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-04 18:00 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-04 18:00 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-04 18:00 - 2015-08-02 17:51 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 17:58 - 2013-11-09 13:33 - 00000000 ___RD C:\Users\Nutzername\Dropbox
2016-01-04 17:57 - 2013-11-09 13:21 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Dropbox
2016-01-04 17:55 - 2015-06-17 07:59 - 00001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-04 17:55 - 2010-05-02 12:08 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 17:54 - 2010-04-12 16:20 - 00000441 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-01-04 17:52 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-04 17:52 - 2012-05-07 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 17:46 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-04 17:45 - 2014-04-14 23:15 - 00000000 ____D C:\AdwCleaner
2016-01-04 17:29 - 2010-05-02 12:08 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 15:47 - 2012-10-03 19:44 - 00000000 ____D C:\Users\Nutzername\Documents\Outlook-Dateien
2016-01-04 15:18 - 2015-10-29 13:30 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5056D5AE-D540-4282-A3D9-3CE81CA5EE48}
2016-01-04 10:52 - 2014-05-07 00:44 - 00002956 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4260271641-664959227-3636034554-1000
2016-01-04 09:01 - 2014-07-04 12:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-01 18:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-31 08:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-30 09:09 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 08:15 - 2014-09-09 19:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 22:10 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-27 22:10 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-23 07:58 - 2012-10-03 18:45 - 00000000 ____D C:\Users\Nutzername\Nutzername
2015-12-21 12:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-21 11:08 - 2010-04-12 08:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-21 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 12:35 - 2014-09-24 13:35 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-19 12:35 - 2014-09-24 13:35 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-15 00:01 - 2013-10-29 09:37 - 00000000 __RDO C:\Users\Nutzername\SkyDrive
2015-12-14 10:42 - 2015-08-02 18:32 - 00002445 _____ C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 09:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-12 10:53 - 2015-08-07 19:16 - 00000000 ____D C:\Users\Nutzername\AppData\Local\PackageStaging
2015-12-12 10:53 - 2012-11-19 14:02 - 00000000 ____D C:\Users\Nutzername\AppData\Local\Packages
2015-12-12 10:47 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-12 10:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-12 10:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-12 10:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-12 10:24 - 2012-11-19 14:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-12 04:57 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-12 04:56 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-12 04:56 - 2013-10-29 03:30 - 00064773 _____ C:\WINDOWS\diagwrn.xml
2015-12-12 04:56 - 2013-10-29 03:30 - 00064773 _____ C:\WINDOWS\diagerr.xml
2015-12-12 04:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-12 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-12 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-12 04:43 - 2015-06-17 07:59 - 00003790 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-12 04:43 - 2015-06-17 07:59 - 00003562 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-12 04:43 - 2014-09-24 13:35 - 00002954 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-12 04:43 - 2014-03-05 15:02 - 00002304 _____ C:\WINDOWS\System32\Tasks\{6807955D-95F5-4432-972F-8A436B89A6AE}
2015-12-12 04:43 - 2012-11-19 14:12 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4260271641-664959227-3636034554-1000
2015-12-12 04:43 - 2012-11-19 13:12 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-12 04:43 - 2011-02-08 17:14 - 00002362 _____ C:\WINDOWS\System32\Tasks\{348F62FF-81FD-4927-A6C2-B88232295883}
2015-12-12 04:43 - 2011-01-12 18:49 - 00002026 _____ C:\WINDOWS\System32\Tasks\{0291DAD5-E7B8-40D2-9C0E-801870BB6F82}
2015-12-12 04:43 - 2010-05-02 12:08 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-12 04:43 - 2010-05-02 12:08 - 00003436 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-12 04:43 - 2010-04-12 09:22 - 00002180 _____ C:\WINDOWS\System32\Tasks\{0045FFD3-A467-4D80-9AF5-66B75135CC26}
2015-12-12 04:42 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-12-12 04:42 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-12 04:32 - 2015-11-19 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-12-12 04:32 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-12 04:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-12 04:32 - 2015-09-23 15:22 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stata 14
2015-12-12 04:32 - 2015-04-01 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2014 nP
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ____D C:\WINDOWS\en
2015-12-12 04:32 - 2014-04-24 10:00 - 00000000 ____D C:\WINDOWS\de
2015-12-12 04:32 - 2014-04-05 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2013 nP
2015-12-12 04:32 - 2013-10-23 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-12 04:32 - 2013-03-27 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTax.schwyz 2012 nP
2015-12-12 04:32 - 2011-11-20 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-12-12 04:32 - 2011-03-01 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2015-12-12 04:32 - 2011-01-12 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 04:32 - 2010-04-27 12:53 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-12 04:32 - 2010-01-23 12:20 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:32 - 2009-12-01 21:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-12 04:32 - 2009-12-01 21:30 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-12-12 04:32 - 2009-09-04 13:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:32 - 2009-09-04 13:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2015-12-12 04:32 - 2009-08-25 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-12-12 04:28 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-12 04:23 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-12 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-12 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-12 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-12 04:23 - 2012-02-02 11:04 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-12 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-12 04:22 - 2011-10-13 20:51 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-12-12 04:20 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-12-12 04:20 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\System
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-12 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME
2015-12-12 04:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-12 04:20 - 2012-11-19 17:41 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-12 04:20 - 2009-08-25 10:31 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-12 04:19 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-12 04:19 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-12 04:19 - 2015-06-13 07:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
2015-12-12 04:19 - 2012-10-25 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-12-12 04:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-12-12 04:17 - 2009-12-01 21:30 - 00000000 ____D C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:16 - 2012-11-19 15:53 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-12-12 04:16 - 2010-01-23 12:20 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-12-12 04:14 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-12 04:07 - 2015-10-30 19:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-12 04:05 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-12 03:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-12 03:59 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-12 03:59 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-12 03:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-12 03:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-12 03:52 - 2015-10-30 08:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-12-12 03:52 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-12-12 03:52 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-12-11 12:47 - 2015-06-17 07:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-11 00:34 - 2014-09-24 13:35 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-11 00:34 - 2014-09-24 13:35 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-10 17:35 - 2013-07-17 10:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 17:25 - 2010-04-12 15:51 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 08:43 - 2009-12-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft Help

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-20 09:51 - 2015-08-17 11:12 - 0011241 _____ () C:\Users\Nutzername\AppData\Roaming\Microsoft Excel 97-2003.CAL
2012-06-26 13:47 - 2012-06-26 13:47 - 0000000 _____ () C:\Users\Nutzername\AppData\Roaming\wklnhst.dat
2009-12-19 14:06 - 2009-12-19 14:06 - 0000024 _____ () C:\Users\Nutzername\AppData\Local\73648-88365-27475-00IP7-22847
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\AtStart.txt
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\DSwitch.txt
2009-12-01 21:58 - 2009-12-01 21:58 - 0000000 _____ () C:\Users\Nutzername\AppData\Local\QSwitch.txt
2009-12-01 20:15 - 2014-11-12 09:42 - 0007597 _____ () C:\Users\Nutzername\AppData\Local\resmon.resmoncfg
2013-06-07 08:42 - 2013-06-07 08:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-03 21:44 - 2015-08-17 08:21 - 0000185 _____ () C:\ProgramData\HPWALog.txt
2010-04-12 14:32 - 2010-04-12 14:32 - 0004940 _____ () C:\ProgramData\mtbjfghn.xbe
2009-08-25 01:30 - 2009-08-25 01:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-09-04 12:23 - 2009-09-04 12:23 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-08-25 01:29 - 2009-08-25 01:29 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-09-04 12:16 - 2009-09-04 12:18 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-08-25 01:29 - 2009-08-25 01:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-08-25 01:30 - 2009-08-25 01:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-09-04 12:16 - 2009-09-04 12:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-04 12:18 - 2009-09-04 12:23 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-08-25 01:30 - 2009-08-25 01:30 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Einige Dateien in TEMP:
====================
C:\Users\Nutzername\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-04 10:52

==================== Ende von FRST.txt ============================
         

04.01.2016, 18:26   #13
Gnuschperli

Windows 10: Firefox automatically opens a tab with an advertising page



Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Nutzername (2016-01-04 18:19:37)
Gestartet von C:\Users\Nutzername\Desktop
Windows 10 Pro (X64) (2015-12-12 03:57:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4260271641-664959227-3636034554-500 - Administrator - Disabled)
Nutzername (S-1-5-21-4260271641-664959227-3636034554-1000 - Administrator - Enabled) => C:\Users\Nutzername
DefaultAccount (S-1-5-21-4260271641-664959227-3636034554-503 - Limited - Disabled)
Gast (S-1-5-21-4260271641-664959227-3636034554-501 - Limited - Disabled) => C:\Users\Gast

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B93CD779-D1C1-4B4D-A9E5-564A542C6DFD}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{F11053A9-C5E1-0218-918E-8B97A8DCF3EA}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
eTax.schwyz 2012 nP 11.0.4 (HKLM-x32\...\4623-6347-5575-7867) (Version: 11.0.4 - Information Factory AG)
eTax.schwyz 2013 nP 12.0.5 (HKLM-x32\...\0444-9509-4988-5221) (Version: 12.0.5 - Information Factory AG)
eTax.schwyz 2014 nP 1.6.0 (HKLM-x32\...\1036-5372-1441-3171) (Version: 1.6.0 - Information Factory AG)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
iTunes (HKLM\...\{8A4D15F4-2148-48DF-AC31-9513E5B734ED}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (HKLM-x32\...\{95140000-007C-0409-0000-0000000FF1CE}) (Version: 14.0.6114.5003 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.0 - pdfforge)
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Stata 14 (HKLM-x32\...\{BB31D61A-AFF4-4E2F-B9CD-611C2E51402A}) (Version: 14.0 - StataCorp LP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.120 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4260271641-664959227-3636034554-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nutzername\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03CA8F5A-3649-4F2E-B26C-8DAD6A01311B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {07243F2D-D6AC-4AE2-B315-0D83628CEFCA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {119785F1-27BC-4DF4-B2D3-3A3E6948D1FB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1269B979-F74B-4F25-9BE4-B3D8FCB5F900} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1380805F-C0EF-41BC-B758-0A50F7E4CA31} - System32\Tasks\{6807955D-95F5-4432-972F-8A436B89A6AE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {141EA52B-83CA-49ED-956F-27902DDCF191} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {18124BA4-E7E8-4F68-A917-AA0648ECE488} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {24353665-E677-4B44-A4AF-8B43E9AFA27B} - System32\Tasks\{348F62FF-81FD-4927-A6C2-B88232295883} => pcalua.exe -a C:\Users\Nutzername\Sonstiges\Desktop\upd-PCL6-X64-5.2.5.9108.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {24BDB1F1-5DF8-47A8-9898-033718EAE188} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {24CE9859-9E31-4F14-AB7D-31BEA8FC4B73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24FACA36-542F-4ACC-AF76-5D9F6827F321} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {2DE22C3F-D851-43FB-B607-17FD9473FBAE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {33B7F09B-9609-4B56-91F5-49DB63646213} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {363FC26D-9BE6-4E59-8E7E-91B0F98C058A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {393DE3B3-7A10-4267-A734-AB843C647496} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {3D5898BF-D365-4D1E-9F9E-2E961AD95A8A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3ED8AC47-53E0-4EF8-8098-32A341946282} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {470AE303-9ADC-42D4-97C7-08B11D8FA125} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {485AD369-0888-4F7E-831E-F230C9F86BA6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {51B04E1E-12A5-4E26-A3F4-323AA0897BC1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {523881B2-E01F-4F78-90EE-40371A936CBF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {5A286A29-191E-41B8-827A-4E3A9053A1DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5B2D1129-24A7-4E2C-ABF7-2817F0A57815} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5F3CABBC-1CF5-4A35-84B6-8E2DA0CD18E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {63FFFC44-24F0-4CF0-B966-AFAD97999D11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {784A2529-2D4F-4F7C-89BA-A16490D2592A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {784DF3E2-0271-4249-B593-CC124440DCB6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E92F694-84EE-4862-ADCF-34825814C406} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2014-08-19] (Microsoft)
Task: {8CF59252-E2D5-404D-928C-8DAB3AEAE1A1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-11] (AVAST Software)
Task: {950473DE-7D6A-4CC4-82DA-CCC8C490C8CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-08-19] (Microsoft)
Task: {A5635BCB-B3B9-4BB3-B1B1-91804573F1BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A73CA112-7AB0-4977-A61E-B85E6DF07A0C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A7F173AE-0806-423B-B924-77736D5889FC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {AD1CC11A-E89E-4939-897C-D3F6BB572143} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {AF78A064-FED2-4883-84F0-B14D2C241899} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B7850CF2-89E9-443B-8935-C084015F6D35} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {BD58FF06-FD2B-494B-991A-69BEFD6DFD96} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {BE370D5D-65D9-4F0E-B683-873F09DE03EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C0B811C3-5631-4DC4-9B49-0C4172A74DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C4EDF36A-AE55-4994-BEAB-D040FC332D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D02CD671-903E-4352-AD86-2690A01D3328} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4260271641-664959227-3636034554-1000
Task: {D8686914-D19C-44C2-98A4-B434C58B4242} - System32\Tasks\{0291DAD5-E7B8-40D2-9C0E-801870BB6F82} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {E395392D-551C-45DE-A777-CE4956116B6C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E51DD0B3-6D31-4D87-9DF9-7E0EF495608F} - System32\Tasks\{0045FFD3-A467-4D80-9AF5-66B75135CC26} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {E6C59F4D-183D-40A5-B861-651EA1DAEA0A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {EA75D5B8-8509-401B-B377-BABB77D39E55} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EB8B0B8D-A5C5-44F8-B13B-F5C177B642BF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {ECD172F6-5E76-451C-BE64-33B77D1585E2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {F41A09EB-6007-4680-A529-31A5D3905EE5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {F95F4C9D-5A93-4C60-ABE4-FED84F1CCC56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\GetAssistance Maintenance Events => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe [2014-08-19] (Hewlett-Packard)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Nutzername\Desktop\age2.bat - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2.bat.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-12 03:58 - 2015-12-12 03:58 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-17 07:55 - 2015-12-18 20:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 20:19 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 20:19 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 20:20 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 20:19 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 20:20 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 20:20 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-04 13:57 - 2016-01-04 13:57 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010400\algo.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-04 17:55 - 2016-01-04 17:55 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010401\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-11 00:34 - 2015-12-11 00:34 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-17 07:55 - 2015-12-18 20:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 07:55 - 2015-12-18 20:22 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-17 08:29 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 08:29 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzername\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "WirelessAssistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5BEC662C-4B51-40CC-9656-AC191EA35BC4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{FC31921F-1262-46F2-9DE9-62B33658EF36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34A2B52C-3F8B-482E-B73A-FB5601DFCCF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21FDCCDA-F728-4393-B96B-CE49B0CA12E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19954ABB-FF97-43F2-822B-6A7D7C4B0803}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{882178B3-237F-4B29-9956-1EB688A946BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E161262F-1A93-46F1-BCC5-C3BA75209B84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9C271B71-546C-4A40-BAB9-9C6676727CA2}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{59726D15-235B-4895-A9ED-ABC87A53DB40}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A25EBB2A-FFE9-4575-8AF6-6E28C881F1E4}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{15322E5B-8DDB-4B4B-B6B3-EA39A27BE34C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{DE3560A6-0A15-4197-A25B-D491D70D2C19}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{4D3F0424-40DD-4FA2-8261-A5B161896B6F}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{771CE044-51C7-42E8-AE49-4E7600AFB1E6}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{E193D1C3-A53F-433F-8699-540BD59DD352}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{F447CE99-386B-4D17-B876-1F0EA7DD755B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{4DF9E9FA-5E7E-4385-97DC-4A596373AEAF}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{A0CA4456-4F74-483D-8FD5-E19FF88C2F1B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{62757205-C62A-42A5-A00D-87345EE3707B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{5BF8CB5E-8C90-4BFC-A62B-55A5CA634A32}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{4C4F8715-E4DD-4520-9B90-2D6CD5203BC7}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{ACF4F0EE-BB24-40D3-A14E-6DB19A2023CB}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3y.exe
FirewallRules: [UDP Query User{855555CC-D66A-4261-9AF5-1BBD0DCB6575}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3y.exe
FirewallRules: [{8CFBC067-BE73-4873-A62B-5B5DFE372067}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{F53F9400-1E23-401B-861E-30827951328F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2DFF6612-94E2-4760-9E8A-7E4243256643}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6F21A671-E94E-4D45-9C86-3B8001DDF5B4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{15114B0A-9EAC-4061-BD64-7420DAD53C40}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{ABBD55D8-979C-4A93-B197-AD85174FD6BC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4E9D2DBB-6117-47A1-A538-F731B31FAF23}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9FE0A0E7-B094-43C9-B883-04283D4936A6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4008FEEF-A69E-45F5-9015-B5F71998ABEF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B66878B1-EBBA-4414-B103-37520989CF43}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86FBB7F7-9CD8-4D08-92BF-5E46802020C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6CCFBC0B-FD08-45E7-821F-1CDDF36FB0B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D621832C-F058-4A06-9A0C-4968365A1885}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D1C5D875-CD90-48DE-A0C1-27E1E55AA39E}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B3D92DC9-5AB0-4B71-846C-1F2A5D7C0707}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [TCP Query User{EF1F6B11-96F3-42EE-9769-5C7D8BE658E1}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B875AF11-FCF8-4333-831C-1DD00DACF79C}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [TCP Query User{1388A0EB-DA55-46A1-8CA4-9AC003461955}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{FF853FEF-B28F-4324-A129-148B2D633DAE}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7E97AAAA-74DD-43F3-BF77-67ACEE88AFE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8088293F-C0D4-4766-A31F-6EA3D2513FEF}] => (Allow) LPort=2869
FirewallRules: [{A1382CC5-F399-422C-8664-30D2C2EBD636}] => (Allow) LPort=1900
FirewallRules: [{0E6D1ECA-9575-44E6-80DA-E5F7AD9F4273}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{C97BFC02-898C-4D59-9FF1-37D010CA27CB}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{CC81A614-D3C4-44C8-83C6-D12C55899667}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{FDC2F744-B084-4675-844C-FD95B53F045F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0568165-4EBF-42CA-8F63-7EF40FF74FB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FAD7DBEE-2A04-4FBF-A860-819E6AFB2904}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E606FCB2-83EC-455A-965B-24EC5B4E1559}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8CD4BE3E-D8BE-496D-A180-52A2D8D6881B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8F6067D-9EB4-4B5E-B37F-F46D97140A9E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

22-12-2015 10:20:56 Windows Update
25-12-2015 13:04:29 Windows Update
27-12-2015 19:03:21 Windows-Sicherung
31-12-2015 09:45:07 Windows Update
03-01-2016 19:00:48 Windows-Sicherung
04-01-2016 18:01:51 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/04/2016 06:02:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/04/2016 09:30:34 AM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).

Error: (01/03/2016 08:15:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 07:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/03/2016 08:08:14 AM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).

Error: (01/01/2016 06:41:49 PM) (Source: Outlook) (EventID: 27) (User: )
Description: OAB (Offline Address Book) files are invalid. Replaced with stub. (Last errors in event data).


Systemfehler:
=============
Error: (01/04/2016 06:00:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Hewlett-Packard  - Imaging, Other hardware - Null Fax - HP Photosmart 7520 series

Error: (01/04/2016 05:58:19 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/04/2016 05:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HPSupportSolutionsFrameworkService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/04/2016 05:54:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HPSupportSolutionsFrameworkService erreicht.

Error: (01/04/2016 05:52:49 PM) (Source: hpdskflt) (EventID: 1001) (User: )
Description: 

Error: (01/04/2016 05:46:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/04/2016 05:46:28 PM) (Source: DCOM) (EventID: 10010) (User: Nutzername-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/04/2016 05:46:27 PM) (Source: DCOM) (EventID: 10010) (User: Nutzername-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/04/2016 05:46:27 PM) (Source: DCOM) (EventID: 10010) (User: Nutzername-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/04/2016 05:46:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_133367f9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-30 13:24:38.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-21 09:37:10.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 10:36:19.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-17 07:50:21.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:43:03.963
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:39:11.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 04:08:19.510
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 4063.18 MB
Verfügbarer physikalischer RAM: 2508.19 MB
Summe virtueller Speicher: 8159.18 MB
Verfügbarer virtueller Speicher: 6602.77 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:675.96 GB) (Free:483.6 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:21.4 GB) (Free:9.44 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
Drive g: (My Passport) (Fixed) (Total:465.11 GB) (Free:39.48 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 9CB79060)
Partition 1: (Active) - (Size=455 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.1 GB) (Disk ID: 00021968)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

05.01.2016, 08:35   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



FRST Fix

Please disable your virus scanner completely now, to make sure the fix runs cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
SearchScopes: HKLM -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
Toolbar: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
C:\ProgramData\Norton
C:\Windows.old
C:\ProgramData\mtbjfghn.xbe
C:\Users\Nutzername\AppData\Local\73648-88365-27475-00IP7-22847
Task: {03CA8F5A-3649-4F2E-B26C-8DAD6A01311B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {141EA52B-83CA-49ED-956F-27902DDCF191} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {18124BA4-E7E8-4F68-A917-AA0648ECE488} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2DE22C3F-D851-43FB-B607-17FD9473FBAE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {363FC26D-9BE6-4E59-8E7E-91B0F98C058A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3ED8AC47-53E0-4EF8-8098-32A341946282} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {784DF3E2-0271-4249-B593-CC124440DCB6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A5635BCB-B3B9-4BB3-B1B1-91804573F1BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C0B811C3-5631-4DC4-9B49-0C4172A74DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C4EDF36A-AE55-4994-BEAB-D040FC332D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


05.01.2016, 18:55   #15
Gnuschperli



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Nutzername (2016-01-05 17:35:52) Run:1
Gestartet von C:\Users\Nutzername\Desktop
Geladene Profile: Nutzername (Verfügbare Profile: Nutzername & Gast)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
SearchScopes: HKLM -> DefaultScope {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM -> {1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
Toolbar: HKU\S-1-5-21-4260271641-664959227-3636034554-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
C:\ProgramData\Norton
C:\Windows.old
C:\ProgramData\mtbjfghn.xbe
C:\Users\Nutzername\AppData\Local\73648-88365-27475-00IP7-22847
Task: {03CA8F5A-3649-4F2E-B26C-8DAD6A01311B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {141EA52B-83CA-49ED-956F-27902DDCF191} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {18124BA4-E7E8-4F68-A917-AA0648ECE488} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2DE22C3F-D851-43FB-B607-17FD9473FBAE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {363FC26D-9BE6-4E59-8E7E-91B0F98C058A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3ED8AC47-53E0-4EF8-8098-32A341946282} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {784DF3E2-0271-4249-B593-CC124440DCB6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A5635BCB-B3B9-4BB3-B1B1-91804573F1BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C0B811C3-5631-4DC4-9B49-0C4172A74DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C4EDF36A-AE55-4994-BEAB-D040FC332D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
emptytemp:
         
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wert erfolgreich wiederhergestellt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1C42C71A-D478-4F5C-BFBC-27A7A486FFCF}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{1C42C71A-D478-4F5C-BFBC-27A7A486FFCF} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609D670F-B735-4da7-AC6D-F3BD358E325E}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{609D670F-B735-4da7-AC6D-F3BD358E325E} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609D670F-B735-4da7-AC6D-F3BD358E325E}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{609D670F-B735-4da7-AC6D-F3BD358E325E} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-4260271641-664959227-3636034554-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert erfolgreich entfernt
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden. 
"HKCR\PROTOCOLS\Handler\skype4com" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => Schlüssel nicht gefunden. 
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} => Wert erfolgreich entfernt
C:\ProgramData\Norton => erfolgreich verschoben
C:\Windows.old => erfolgreich verschoben
C:\ProgramData\mtbjfghn.xbe => erfolgreich verschoben
C:\Users\Nutzername\AppData\Local\73648-88365-27475-00IP7-22847 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03CA8F5A-3649-4F2E-B26C-8DAD6A01311B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03CA8F5A-3649-4F2E-B26C-8DAD6A01311B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{141EA52B-83CA-49ED-956F-27902DDCF191}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{141EA52B-83CA-49ED-956F-27902DDCF191}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18124BA4-E7E8-4F68-A917-AA0648ECE488}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18124BA4-E7E8-4F68-A917-AA0648ECE488}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DE22C3F-D851-43FB-B607-17FD9473FBAE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DE22C3F-D851-43FB-B607-17FD9473FBAE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{363FC26D-9BE6-4E59-8E7E-91B0F98C058A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{363FC26D-9BE6-4E59-8E7E-91B0F98C058A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3ED8AC47-53E0-4EF8-8098-32A341946282}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ED8AC47-53E0-4EF8-8098-32A341946282}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{784DF3E2-0271-4249-B593-CC124440DCB6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{784DF3E2-0271-4249-B593-CC124440DCB6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5635BCB-B3B9-4BB3-B1B1-91804573F1BB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5635BCB-B3B9-4BB3-B1B1-91804573F1BB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA7B4FEA-CFB4-412E-B91E-5E8CDC07E40B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0B811C3-5631-4DC4-9B49-0C4172A74DC4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0B811C3-5631-4DC4-9B49-0C4172A74DC4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4EDF36A-AE55-4994-BEAB-D040FC332D7A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4EDF36A-AE55-4994-BEAB-D040FC332D7A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
EmptyTemp: => 1.3 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:36:32 ====
         
