Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7SP1: svchost braucht 50% CPU Teil1

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.01.2016, 15:15   #1
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Hallo,

habe auf meinem WIN7SP1 Rechner den svchost Prozess für netsvcs mit 50% CPU am laufen.
Habe zuletzt elixir/erlang/phoenix installiert. Evt. Bestand das Problem aber schon vorher und wurde nicht bemerkt. Habe AdwCleaner, JRT laufen lassen.
Hoffe man kann mir hier helfen. Die vorhandenen logfiles folgen:


Code:
ATTFilter
# AdwCleaner v5.029 - Bericht erstellt am 16/01/2016 um 10:58:16
# Aktualisiert am 11/01/2016 von Xplode
# Datenbank : 2016-01-15.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : volker - VOLKER-PC
# Gestartet von : C:\Users\volker\Downloads\SPECIAL\AdwCleaner_5.029.exe
# Option : L?schen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gel?scht : C:\Program Files\Hola
[-] Ordner Gel?scht : C:\ProgramData\Tarma Installer
[-] Ordner Gel?scht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] Ordner Gel?scht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
[-] Ordner Gel?scht : C:\Users\volker\AppData\Local\PackageAware
[-] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\eIntaller
[-] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\GrabPro
[-] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\Media Finder
[-] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\ProgSense
[#] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[-] Ordner Gel?scht : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[-] Ordner Gel?scht : C:\Windows\SysWOW64\C2MP

***** [ Dateien ] *****

[-] Datei Gel?scht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[-] Datei Gel?scht : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\bb9k5o8x.devdev\user.js
[-] Datei Gel?scht : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\user.js
[-] Datei Gel?scht : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Verknüpfung Desinfiziert : C:\Users\volker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gel?scht : Desk 365 RunAsStdUser

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gel?scht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\MF
[-] Schlüssel Gel?scht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
[-] Schlüssel Gel?scht : HKCU\Software\Classes\MF
[-] Wert Gel?scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Codec Settings UAC Manager]
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Schlüssel Gel?scht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Schlüssel Gel?scht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[-] Schlüssel Gel?scht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[-] Schlüssel Gel?scht : HKCU\Software\APN PIP
[-] Schlüssel Gel?scht : HKCU\Software\Conduit
[-] Schlüssel Gel?scht : HKCU\Software\eSupport.com
[-] Schlüssel Gel?scht : HKCU\Software\Headlight
[-] Schlüssel Gel?scht : HKCU\Software\MediaFinder
[-] Schlüssel Gel?scht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gel?scht : HKCU\Software\ProgSense
[-] Schlüssel Gel?scht : HKCU\Software\PPStream
[-] Schlüssel Gel?scht : HKCU\Software\Hola
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\BetterSurf
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Desksvc
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\hdcode
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\V9
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Better-Surf
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\PPStream
[-] Schlüssel Gel?scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Hola
[-] Schlüssel Gel?scht : HKU\.DEFAULT\Software\Hola
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gel?scht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{343566E2-ABF6-4E67-B1EE-B55A940C202F}
[-] Schlüssel Gel?scht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Internetbrowser ] *****

[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gel?scht : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030");
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gel?scht : user_pref("browser.search.defaultenginename", "qvo6");
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gel?scht : user_pref("browser.search.order.1", "qvo6");
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gel?scht : user_pref("browser.search.selectedEngine", "qvo6");
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gel?scht : user_pref("browser.search.order.1", "qvo6");
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gel?scht : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/103313[...]
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gel?scht : user_pref("extensions.gencrawler@some.com.install-event-fired", true);
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gel?scht : user_pref("extensions.plugin@getwebcake.com.install-event-fired", true);
[-] [C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\prefs.js] [Preference] Gel?scht : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1400387151113");

*************************

:: "Tracing" Schlüssel gel?scht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gel?scht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9569 Bytes] ##########
         

Code:
ATTFilter
# AdwCleaner v5.029 - Bericht erstellt am 16/01/2016 um 10:53:29
# Aktualisiert am 11/01/2016 von Xplode
# Datenbank : 2016-01-15.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : volker - VOLKER-PC
# Gestartet von : C:\Users\volker\Downloads\SPECIAL\AdwCleaner_5.029.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\Program Files\Hola
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gefunden : C:\Users\volker\AppData\Local\PackageAware
Ordner Gefunden : C:\Users\volker\AppData\Roaming\eIntaller
Ordner Gefunden : C:\Users\volker\AppData\Roaming\GrabPro
Ordner Gefunden : C:\Users\volker\AppData\Roaming\Media Finder
Ordner Gefunden : C:\Users\volker\AppData\Roaming\ProgSense
Ordner Gefunden : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
Ordner Gefunden : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
Ordner Gefunden : C:\Windows\SysWOW64\C2MP

***** [ Dateien ] *****

Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
Datei Gefunden : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\bb9k5o8x.devdev\user.js
Datei Gefunden : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\user.js
Datei Gefunden : C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\user.js

***** [ DLL ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Infiziert : C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030 )
Verknüpfung Infiziert : C:\Users\volker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030 )

***** [ Aufgabenplanung ] *****

Geplante Aufgabe Gefunden : Desk 365 RunAsStdUser

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MF
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gefunden : HKCU\Software\Classes\MF
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Codec Settings UAC Manager]
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\eSupport.com
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\MediaFinder
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\ProgSense
Schlüssel Gefunden : HKCU\Software\PPStream
Schlüssel Gefunden : HKCU\Software\Hola
Schlüssel Gefunden : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\BetterSurf
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Desksvc
Schlüssel Gefunden : HKLM\SOFTWARE\hdcode
Schlüssel Gefunden : HKLM\SOFTWARE\PIP
Schlüssel Gefunden : HKLM\SOFTWARE\V9
Schlüssel Gefunden : HKLM\SOFTWARE\Better-Surf
Schlüssel Gefunden : HKLM\SOFTWARE\PPStream
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Hola
Schlüssel Gefunden : HKU\.DEFAULT\Software\Hola
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{343566E2-ABF6-4E67-B1EE-B55A940C202F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Internetbrowser ] *****

[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gefunden : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM380215A_9QZA378TXXXX9QZA378T&ts=1372356030");
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultenginename", "qvo6");
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "qvo6");
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\prefs.js] [Preference] Gefunden : user_pref("browser.search.selectedEngine", "qvo6");
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "qvo6");
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gefunden : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"7\": {\"id\": \"7\",\"title\": \"Billeo\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/firefox/downloads/file/103313[...]
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gefunden : user_pref("extensions.gencrawler@some.com.install-event-fired", true);
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\prefs.js] [Preference] Gefunden : user_pref("extensions.plugin@getwebcake.com.install-event-fired", true);
[C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\prefs.js] [Preference] Gefunden : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1400387151113");

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [9434 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Ultimate x64 
Ran by volker (Administrator) on 16.01.2016 at 11:13:23,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 36 

Successfully deleted: C:\ProgramData\alawarentertainment (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\clipgrab (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\alawar (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\alawarentertainment (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\getrighttogo (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-html32-19970114 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-html40-19980424 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-html401-19991224 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-rdfa-syntax-20081014 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-smil-19980615 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-SMIL2-20051213 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-smil20-20050107 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-SMIL3-20081201 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-SVG-20010904 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-SVG11-20030114 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xhtml-basic-20001219 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xhtml-basic-20080729 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xhtml-modularization-20081008 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xhtml-print-20060920 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xhtml1-20020801 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\REC-xml-entity-names-20100401 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\WD-MathML3-20100610 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\WD-XHTMLplusMathMLplusSVG-20020809 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\XX-MathML2-20031104 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\XX-MathML2-20031104\iso8879 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\sgml-lib\XX-xhtml11-20090630 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\foxmarks@kei.com\chrome\content\newuser.js (File) 
Successfully deleted: C:\Users\volker\AppData\Roaming\pdfforge (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KQKO0J4 (Folder) 
Successfully deleted: C:\Users\volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\578U2N8U (Folder) 
Successfully deleted: C:\Users\volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E8VNH0EQ (Folder) 
Successfully deleted: C:\Users\volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSV8SYCQ (Folder) 
Successfully deleted: C:\Windows\SysWOW64\RENBA3.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\RENBA4.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\RENBA5.tmp (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.01.2016 at 11:19:49,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Die weiteren logfiles frst.txt und addtion.txt sind zu groß und wurden daher angehängt. Ich hoffe das richtig verstanden zu haben.

Alt 17.01.2016, 01:20   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 17.01.2016, 11:04   #3
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Gesplittete Logfiles



Hier die Logs gesplittet anstatt attached zip. Hatte ich wohl misverstanden.

Frst.txt Teil1/3
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von volker (Administrator) auf VOLKER-PC (16-01-2016 14:29:41)
Gestartet von C:\Users\volker\Downloads\SPECIAL
Geladene Profile: volker & cyg_server (Verfügbare Profile: volker & UbuntuTest & cyg_server & Apache)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: German (Germany)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
() C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Games\cygwin\bin\cygrunsrv.exe
() C:\Games\cygwin\usr\sbin\sshd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Sysinternals - www.sysinternals.com) C:\Program Files (x86)\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Program Files (x86)\ProcessExplorer\procexp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UnlockerAssistant] => "C:\Games\Unlocker\UnlockerAssistant.exe"
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2015-05-05] (alch)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1917832 2015-06-04] (TomTom)
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\C2MP\UpdateChecker.exe"
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Run: [Dropbox Update] => C:\Users\volker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Policies\Explorer: [NoDrives] 32
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\MountPoints2: {6db1154d-654f-11e1-8b0d-001fc65c95fc} - I:\LaunchU3.exe -a
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\MountPoints2: {83b4546c-3fa4-11df-ae07-001fc65c95fc} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2245305492-3031918622-1259896419-1006\...\RunOnce: [SX Virtual Link] => C:\Program Files\silex technology\SX Virtual Link\Connect.exe [451968 2012-07-12] (silex technology, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-01-12] (Microsoft Corporation)
IFEO\taskmgr.exe: [Debugger] "C:\PROGRAM FILES (X86)\PROCESSEXPLORER\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [MountOverlayIcon] -> {0F49CF41-FD97-4942-9F2A-35E8B489E7FB} => C:\Games\WinMount\WinMTExt.dll [2010-10-21] (WinMount International Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dyn Updater Tray Icon.lnk [2013-03-29]
ShortcutTarget: Dyn Updater Tray Icon.lnk -> C:\Games\DynUpdater\DynTray.exe (Dyn, Inc.)
Startup: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk [2014-07-28]
ShortcutTarget: SX Virtual Link.lnk -> C:\Program Files\silex technology\SX Virtual Link\Connect.exe (silex technology, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9A6840BC-0A9C-40C1-9CD3-C0E164DED69D}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Java\jre7\bin\ssv.dll => Keine Datei
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-30] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> E:\Games\PerfectWorldEntertainment\Arc\Plugins\ArcPluginIE.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default
FF SelectedSearchEngine: Google
FF Homepage:  
FF NetworkProxy: "http", "192.168.178.24"
FF NetworkProxy: "http_port", 8888
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-10] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> E:\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> E:\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @eleco.com/o2cplayer -> C:\Program Files (x86)\o2c Player\npO2CPlayer.DLL [2011-03-30] (Eleco plc)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> E:\Games\PerfectWorldEntertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Games\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Games\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Games\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2245305492-3031918622-1259896419-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\volker\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002010-0-npoctoshape.dll [2010-02-01] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-2245305492-3031918622-1259896419-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-27] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npcosmop211.dll [2007-09-23] (PLATINUM technology, inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010-03-23] (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\volker\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2010-02-06] (Octoshape ApS)
FF SearchPlugin: C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\searchplugins\fang-fang-schmuck.xml [2015-03-15]
FF Extension: Add to Amazon Wish List Button - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\amznUWL2@amazon.com.xpi [2015-10-07]
FF Extension: SQLite Manager - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2015-10-07]
FF Extension: TinEye Reverse Image Search - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\tineye@ideeinc.com.xpi [2015-10-07]
FF Extension: FireDiff - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\firediff@johnjbarton.com.xpi [2015-10-07]
FF Extension: Web Developer - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-10-07]
FF Extension: LinkChecker - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}.xpi [2015-10-07]
FF Extension: YSlow - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\yslow@yahoo-inc.com.xpi [2015-10-07]
FF Extension: Selenium Expert (Selenium IDE) - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\selenium-expert_selenium-ide@Samit.Badle.xpi [2015-10-07]
FF Extension: FxIF - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2015-10-07]
FF Extension: DOM Inspector - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\inspector@mozilla.org [2015-10-07]
FF Extension: IE NetRenderer - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\ienetrenderer-nico@nc.xpi [2015-10-07]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2015-10-07]
FF Extension: Bulk Image Downloader - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2015-12-19]
FF Extension: BetterPrivacy - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-12-19]
FF Extension: NoScript - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-10]
FF Extension: Personas Plus - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\personas@christopher.beard.xpi [2016-01-10]
FF Extension: Greasemonkey - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
FF Extension: CipherFox - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\cipherfox@mkfly.xpi [2016-01-10]
FF Extension: Mozilla Archive Format - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2016-01-10]
FF Extension: Flash and Video Download - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-01-10]
FF Extension: Classic Theme Restorer - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-01-10]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\artur.dubovoy@gmail.com [2014-07-30] [ist nicht signiert]
FF Extension: Selenium IDE: C# Formatters - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\csharpformatters@seleniumhq.org.xpi [2015-10-07] [ist nicht signiert]
FF Extension: EventBug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\eventbug@getfirebug.com.xpi [2012-01-01] [ist nicht signiert]
FF Extension: Video Downloader Professional - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-09-19]
FF Extension: Firebug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\firebug@software.joehewitt.com.xpi [2016-01-10]
FF Extension: Ghostery - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\firefox@ghostery.com.xpi [2015-10-07]
FF Extension: FireSSH - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\firessh@nightlight.ws [2015-10-07]
FF Extension: Xmarks - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\foxmarks@kei.com [2014-07-30] [ist nicht signiert]
FF Extension: Toggle animated GIFs - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\giftoggle@simonsoftware.se.xpi [2015-10-07]
FF Extension: Selenium IDE: Java Formatters - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\javaformatters@seleniumhq.org.xpi [2015-10-07] [ist nicht signiert]
FF Extension: Trusted Shops Add-On für Firefox - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2014-08-09] [ist nicht signiert]
FF Extension: Pin It Button - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-19] [ist nicht signiert]
FF Extension: Multiple Tab Handler - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\multipletab@piro.sakura.ne.jp.xpi [2014-07-30] [ist nicht signiert]
FF Extension: Print pages to PDF - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\printPages2Pdf@reinhold.ripper [2014-08-01] [ist nicht signiert]
FF Extension: Selenium IDE: Python Formatters - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\pythonformatters@seleniumhq.org.xpi [2015-10-07] [ist nicht signiert]
FF Extension: Selenium IDE: Ruby Formatters - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\rubyformatters@seleniumhq.org.xpi [2015-10-07] [ist nicht signiert]
FF Extension: SortPlaces - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\sortplaces@andyhalford.com.xpi [2012-04-21] [ist nicht signiert]
FF Extension: TabGroups Menu - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\tabgroupsmenu@char.cc.xpi [2016-01-10]
FF Extension: translator - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\translator@dontfollowme.net.xpi [2014-07-30] [ist nicht signiert]
FF Extension: Fission - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41} [2010-07-09] [ist nicht signiert]
FF Extension: Full Fullscreen - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{18A7E0E6-96EB-11E0-A3F7-77C94724019B} [2015-10-07]
FF Extension: FlashGot - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-07-30] [ist nicht signiert]
FF Extension: SeoQuake - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2015-10-07] [ist nicht signiert]
FF Extension: X-notifier - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-08-08] [ist nicht signiert]
FF Extension: Html Validator - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2015-10-07]
FF Extension: TagSifter - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{3b71bd20-ee7e-11d9-8cd6-0800200c9a66}.xpi [2011-09-20] [ist nicht signiert]
FF Extension: Stylish - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-07-30] [ist nicht signiert]
FF Extension: S3 Firefox Organizer(S3Fox) - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{7CEA821D-3DAB-4238-B424-BF7324531750} [2011-02-19] [ist nicht signiert]
FF Extension: Selenium IDE - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2015-10-07] [ist nicht signiert]
FF Extension: FireFTP - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-10-07]
FF Extension: Search by Image for Google - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2015-10-07]
FF Extension: gtranslate - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-01-10]
FF Extension: Abduction! - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2015-12-19]
FF Extension: Video DownloadHelper - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-19]
FF Extension: Full Fullscreen - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{bfe3406c-6f31-4789-86d5-efa50e12c9eb} [2010-06-27] [ist nicht signiert]
FF Extension: RightToClick - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-10-07]
FF Extension: Adblock Plus - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-10]
FF Extension: SearchStatus - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi [2015-03-13] [ist nicht signiert]
FF Extension: DownThemAll! - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-19]
FF Extension: Menu Editor - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2011-10-15] [ist nicht signiert]
FF Extension: QuickRestart - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\Extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD} [2011-01-05] [ist nicht signiert]
FF Extension: about:addons Button - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\Extensions\aboutaddons@firefox.xpi [2013-04-28] [ist nicht signiert]
FF Extension: Firebug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\Extensions\firebug@software.joehewitt.com.xpi [2013-04-27] [ist nicht signiert]
FF Extension: Error Console - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\ds9rm53g.dev\Extensions\{8402fbcb-0d43-49d7-8c1b-285a61a7b0a2} [2013-04-28] [ist nicht signiert]
FF Extension: Firebug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\bb9k5o8x.devdev\Extensions\firebug@software.joehewitt.com.xpi [2013-04-28] [ist nicht signiert]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\artur.dubovoy@gmail.com [2015-12-20]
FF Extension: ChromeBug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\chromebug@johnjbarton.com.xpi [2014-10-05] [ist nicht signiert]
FF Extension: Classic Theme Restorer - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-12-20]
FF Extension: DevPrefs - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\DevPrefs@jetpack.xpi [2015-11-06]
FF Extension: Firebug - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\firebug@software.joehewitt.com.xpi [2015-11-06]
FF Extension: Ghostery - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\firefox@ghostery.com.xpi [2015-11-06]
FF Extension: Toggle animated GIFs - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\giftoggle@simonsoftware.se.xpi [2015-11-06]
FF Extension: Image Blocker - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\image-blocker@erikvold.com.xpi [2015-11-06]
FF Extension: TabGroups Menu - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\tabgroupsmenu@char.cc.xpi [2015-12-20]
FF Extension: tabTooltip - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\tabTooltip@onemen.com.xpi [2015-12-20]
FF Extension: Tagmarks - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\tagmarks@felipc.com.xpi [2015-12-20]
FF Extension: Session Manager - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-12-21]
FF Extension: Bulk Image Downloader - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2015-11-07]
FF Extension: Mozilla Archive Format - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2015-11-06]
FF Extension: Adblock Plus - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-20]
FF Extension: Tab Mix Plus - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-11-06]
FF Extension: Menu Editor - C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\lefxos71.default-1400349538589\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-06-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Games\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Games\Fiddler2\FiddlerHook [2013-04-21] [ist nicht signiert]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=888596&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Pr?sentationen) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]
CHR Extension: (Google Docs) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-27]
CHR Extension: (YouTube) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-27]
CHR Extension: (Google-Suche) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-27]
CHR Extension: (Google Tabellen) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]
CHR Extension: (Page Analytics (by Google)) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2015-11-27]
CHR Extension: (DivX HiQ) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2015-02-01]
CHR Extension: (Google Docs Offline) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-27]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-02-01]
CHR Extension: (Google Mail) - C:\Users\volker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [24645 2010-03-04] (Apache Software Foundation) [Datei ist nicht signiert]
S4 BidCoS-Service; C:\Program Files (x86)\BidCoS Service\rfd.exe [598016 2013-10-18] () [Datei ist nicht signiert]
S3 BroadWaveService; C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe [947936 2012-12-21] (NCH Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-12-11] (Creative Labs) [Datei ist nicht signiert]
S4 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [Datei ist nicht signiert]
S3 Dyn Updater; C:\Games\DynUpdater\DynUpSvc.exe [95608 2011-11-15] (Dyn, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S3 HTCMonitorService; C:\Games\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 MySQL56; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [13067264 2015-09-18] () [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 OpenVPNService; C:\Games\OpenVPN\bin\openvpnserv.exe [34528 2013-03-28] (The OpenVPN Project) [Datei ist nicht signiert]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3446224 2015-02-23] (Paramount Software UK Ltd)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 SandraAgentSrv; C:\Games\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe [68760 2009-06-13] (SiSoftware) [Datei ist nicht signiert]
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-06-27] (Secunia)
S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-06-27] (Secunia)
S3 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [183264 2013-01-27] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1239552 2013-01-27] (Soluto) [Datei ist nicht signiert]
R2 sshd; C:\Games\cygwin\bin\cygrunsrv.exe [129550 2012-04-25] () [Datei ist nicht signiert]
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1633296 2012-04-26] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 ArcService; E:\Games\PerfectWorldEntertainment\Arc\ArcService.exe [X]
S3 wampapache; "E:\wamp\bin\apache\apache2.4.9\bin\httpd.exe" -k runservice [X]
S3 wampmysqld; E:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-08-21] (Google Inc)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-03-05] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-03-05] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
S3 OSFMount; C:\Games\OSFMount\OSFMount.sys [540224 2012-05-09] (PassMark Software)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [120960 2009-08-14] (QUALCOMM Incorporated)
S3 SANDRA; C:\Games\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [130960 2012-12-14] (Ray Hinchliffe)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2010-11-13] () [Datei ist nicht signiert]
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [303928 2011-11-01] (silex technology, Inc.)
R1 truecrypt; C:\Windows\SysWow64\drivers\truecrypt.sys [222160 2009-12-11] (TrueCrypt Foundation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
R1 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [92536 2013-08-07] (WinMount International Inc)
U3 a1tahua4; C:\Windows\System32\Drivers\a1tahua4.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 gwiopm; \??\C:\Program Files (x86)\My Drivers\gwiopm.sys [X]
S3 slb; \??\E:\Games\ScarletBlade\avital\scarlb64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S2 vstor2; \??\C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [X]
S3 X6va002; \??\C:\Users\volker\AppData\Local\Temp\0029206.tmp [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
         
__________________

Alt 17.01.2016, 11:06   #4
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Gesplittete Logfiles



Frst.txt Teil 2/3

Code:
ATTFilter
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-16 14:29 - 2016-01-16 14:29 - 00000000 ____D C:\FRST
2016-01-16 11:19 - 2016-01-16 11:19 - 00005879 _____ C:\Users\volker\Desktop\JRT.txt
2016-01-16 10:53 - 2016-01-16 10:58 - 00000000 ____D C:\AdwCleaner
2016-01-16 09:51 - 2016-01-16 09:52 - 04240148 _____ C:\Users\volker\phoenix.7z
2016-01-15 23:04 - 2016-01-15 23:04 - 00000000 ____D C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2016-01-15 23:01 - 2016-01-15 23:59 - 00000000 ____D C:\Users\volker\AppData\Roaming\npm-cache
2016-01-15 23:00 - 2016-01-16 00:04 - 00000000 ____D C:\Users\volker\phoenix
2016-01-15 23:00 - 2016-01-15 23:00 - 00000000 ____D C:\Users\volker\.hex
2016-01-15 22:52 - 2016-01-15 23:17 - 00000000 ____D C:\Users\volker\.mix
2016-01-15 22:28 - 2016-01-15 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elixir
2016-01-15 22:27 - 2016-01-15 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Erlang OTP 18 (x64)
2016-01-13 20:25 - 2016-01-13 20:25 - 00073210 _____ C:\Users\volker\Desktop\AnhangCrashWebCore.zip
2016-01-13 20:24 - 2016-01-13 20:24 - 00028762 _____ C:\Users\volker\Desktop\DxDiag.txt
2016-01-13 20:14 - 2016-01-13 20:14 - 00001617 _____ C:\Users\volker\Desktop\DxDiag.txt - Tutorial.mp4.lnk
2016-01-13 19:46 - 2016-01-13 19:46 - 00718060 _____ C:\Users\volker\Desktop\msinfo32.txt
2016-01-13 09:24 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-13 09:24 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-01-13 09:24 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-01-13 09:24 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-13 09:24 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-13 09:24 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-01-13 09:24 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-01-13 09:24 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-13 09:24 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-01-13 09:24 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-01-13 09:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-13 09:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-13 09:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-13 09:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-12 21:06 - 2016-01-12 21:06 - 00000000 ____D C:\Windows\system32\SPReview
2016-01-12 21:05 - 2016-01-12 21:05 - 00000000 ____D C:\Windows\system32\EventProviders
2016-01-12 21:04 - 2010-11-05 02:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-01-12 21:04 - 2010-11-05 02:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-01-12 21:03 - 2010-11-20 14:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2016-01-12 21:03 - 2010-11-20 14:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2016-01-12 21:03 - 2010-11-20 14:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-01-12 21:03 - 2010-11-20 14:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-01-12 21:03 - 2010-11-20 14:34 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2016-01-12 21:03 - 2010-11-20 14:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-01-12 21:03 - 2010-11-20 14:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-01-12 21:03 - 2010-11-20 14:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2016-01-12 21:03 - 2010-11-20 14:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2016-01-12 21:03 - 2010-11-20 14:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-01-12 21:03 - 2010-11-20 14:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-01-12 21:03 - 2010-11-20 14:32 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-01-12 21:03 - 2010-11-20 14:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-01-12 21:03 - 2010-11-20 14:28 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-01-12 21:03 - 2010-11-20 14:28 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-12 21:03 - 2010-11-20 14:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 14633472 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01219584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00326144 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2016-01-12 21:03 - 2010-11-20 14:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2016-01-12 21:03 - 2010-11-20 14:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-01-12 21:03 - 2010-11-20 14:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-01-12 21:03 - 2010-11-20 14:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-01-12 21:03 - 2010-11-20 14:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2016-01-12 21:03 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 01927680 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-01-12 21:03 - 2010-11-20 14:25 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2016-01-12 21:03 - 2010-11-20 14:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00095744 _____ C:\Windows\system32\RDVGHelper.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-01-12 21:03 - 2010-11-20 14:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2016-01-12 21:03 - 2010-11-20 14:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-01-12 21:03 - 2010-11-20 14:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2016-01-12 21:03 - 2010-11-20 14:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-01-12 21:03 - 2010-11-20 14:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-01-12 21:03 - 2010-11-20 14:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2016-01-12 21:03 - 2010-11-20 14:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2016-01-12 21:03 - 2010-11-20 14:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2016-01-12 21:03 - 2010-11-20 13:55 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-01-12 21:03 - 2010-11-20 13:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-12 21:03 - 2010-11-20 13:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2016-01-12 21:03 - 2010-11-20 13:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2016-01-12 21:03 - 2010-11-20 13:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-12 21:03 - 2010-11-20 13:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 01010688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-01-12 21:03 - 2010-11-20 13:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2016-01-12 21:03 - 2010-11-20 13:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2016-01-12 21:03 - 2010-11-20 13:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-01-12 21:03 - 2010-11-20 13:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 21:03 - 2010-11-20 13:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-01-12 21:03 - 2010-11-20 13:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2016-01-12 21:03 - 2010-11-20 13:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01792000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2016-01-12 21:03 - 2010-11-20 13:18 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-01-12 21:03 - 2010-11-20 13:17 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PushPrinterConnections.exe
2016-01-12 21:03 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2016-01-12 21:03 - 2010-11-20 13:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-01-12 21:03 - 2010-11-20 13:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2016-01-12 21:03 - 2010-11-20 13:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2016-01-12 21:03 - 2010-11-20 13:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2016-01-12 21:03 - 2010-11-20 13:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-01-12 21:03 - 2010-11-20 13:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-01-12 21:03 - 2010-11-20 13:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-12 21:03 - 2010-11-20 12:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-01-12 21:03 - 2010-11-20 12:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2016-01-12 21:03 - 2010-11-20 12:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-01-12 21:03 - 2010-11-20 11:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-01-12 21:03 - 2010-11-20 11:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-01-12 21:03 - 2010-11-20 11:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2016-01-12 21:03 - 2010-11-20 11:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2016-01-12 21:03 - 2010-11-20 11:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2016-01-12 21:03 - 2010-11-20 11:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2016-01-12 21:03 - 2010-11-20 10:58 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2016-01-12 21:03 - 2010-11-20 10:27 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-01-12 21:03 - 2010-11-20 10:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-01-12 21:03 - 2010-11-20 10:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2016-01-12 21:03 - 2010-11-20 10:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-01-12 21:03 - 2010-11-20 10:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-01-12 21:03 - 2010-11-20 10:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-01-12 21:03 - 2010-11-20 10:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-01-12 21:03 - 2010-11-05 03:20 - 00347904 _____ C:\Windows\system32\systemsf.ebd
2016-01-12 21:03 - 2010-11-05 02:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-01-12 21:03 - 2010-11-05 02:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-01-12 21:03 - 2010-11-05 02:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-01-12 21:03 - 2010-11-05 02:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-01-12 21:03 - 2010-11-05 02:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-01-12 21:03 - 2010-11-05 02:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-01-12 21:03 - 2010-11-05 02:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-01-12 21:03 - 2010-11-05 02:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-01-12 21:03 - 2009-07-14 02:16 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pmcsnap.dll
2016-01-12 21:03 - 2009-07-14 02:16 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ppcsnap.dll
2016-01-12 21:03 - 2009-07-14 02:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2016-01-12 21:03 - 2009-06-10 22:40 - 00146389 _____ C:\Windows\SysWOW64\printmanagement.msc
2016-01-12 21:02 - 2010-11-20 14:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2016-01-12 21:02 - 2010-11-20 14:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2016-01-12 21:02 - 2010-11-20 14:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2016-01-12 21:02 - 2010-11-20 14:34 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2016-01-12 21:02 - 2010-11-20 14:34 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2016-01-12 21:02 - 2010-11-20 14:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2016-01-12 21:02 - 2010-11-20 14:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2016-01-12 21:02 - 2010-11-20 14:32 - 00155520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-01-12 21:02 - 2010-11-20 14:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\lzhfldr2.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2016-01-12 21:02 - 2010-11-20 14:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-01-12 21:02 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-01-12 21:02 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2016-01-12 21:02 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2016-01-12 21:02 - 2010-11-20 14:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2016-01-12 21:02 - 2010-11-20 14:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2016-01-12 21:02 - 2010-11-20 14:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2016-01-12 21:02 - 2010-11-20 14:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2016-01-12 21:02 - 2010-11-20 14:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2016-01-12 21:02 - 2010-11-20 14:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2016-01-12 21:02 - 2010-11-20 14:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2016-01-12 21:02 - 2010-11-20 14:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2016-01-12 21:02 - 2010-11-20 14:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2016-01-12 21:02 - 2010-11-20 14:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2016-01-12 21:02 - 2010-11-20 14:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2016-01-12 21:02 - 2010-11-20 14:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 21:02 - 2010-11-20 14:24 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2016-01-12 21:02 - 2010-11-20 14:16 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-01-12 21:02 - 2010-11-20 14:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-01-12 21:02 - 2010-11-20 14:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2016-01-12 21:02 - 2010-11-20 14:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2016-01-12 21:02 - 2010-11-20 14:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-12 21:02 - 2010-11-20 14:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2016-01-12 21:02 - 2010-11-20 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2016-01-12 21:02 - 2010-11-20 14:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
2016-01-12 21:02 - 2010-11-20 14:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
2016-01-12 21:02 - 2010-11-20 14:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-01-12 21:02 - 2010-11-20 14:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-01-12 21:02 - 2010-11-20 14:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2016-01-12 21:02 - 2010-11-20 13:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2016-01-12 21:02 - 2010-11-20 13:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2016-01-12 21:02 - 2010-11-20 13:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2016-01-12 21:02 - 2010-11-20 13:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2016-01-12 21:02 - 2010-11-20 13:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-12 21:02 - 2010-11-20 13:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:02 - 2010-11-20 13:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-12 21:02 - 2010-11-20 13:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2016-01-12 21:02 - 2010-11-20 13:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2016-01-12 21:02 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-01-12 21:02 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00656384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lzhfldr2.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2016-01-12 21:02 - 2010-11-20 13:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2016-01-12 21:02 - 2010-11-20 13:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2016-01-12 21:02 - 2010-11-20 13:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2016-01-12 21:02 - 2010-11-20 13:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2016-01-12 21:02 - 2010-11-20 13:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-01-12 21:02 - 2010-11-20 13:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2016-01-12 21:02 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
         

Alt 17.01.2016, 11:08   #5
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Gesplittete Logfiles



Frst.txt Teil 3/3
Code:
ATTFilter
2016-01-12 21:02 - 2010-11-20 13:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-12 21:02 - 2010-11-20 13:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2016-01-12 21:02 - 2010-11-20 13:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2016-01-12 21:02 - 2010-11-20 13:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-01-12 21:02 - 2010-11-20 13:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2016-01-12 21:02 - 2010-11-20 13:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2016-01-12 21:02 - 2010-11-20 13:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2016-01-12 21:02 - 2010-11-20 13:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2016-01-12 21:02 - 2010-11-20 13:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2016-01-12 21:02 - 2010-11-20 13:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2016-01-12 21:02 - 2010-11-20 13:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2016-01-12 21:02 - 2010-11-20 13:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2016-01-12 21:02 - 2010-11-20 13:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2016-01-12 21:02 - 2010-11-20 13:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2016-01-12 21:02 - 2010-11-20 13:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2016-01-12 21:02 - 2010-11-20 13:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2016-01-12 21:02 - 2010-11-20 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2016-01-12 21:02 - 2010-11-20 13:08 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-12 21:02 - 2010-11-20 13:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2016-01-12 21:02 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-01-12 21:02 - 2010-11-20 13:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-01-12 21:02 - 2010-11-20 13:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2016-01-12 21:02 - 2010-11-20 13:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-12 21:02 - 2010-11-20 13:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2016-01-12 21:02 - 2010-11-20 13:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-01-12 21:02 - 2010-11-20 13:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-01-12 21:02 - 2010-11-20 12:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2016-01-12 21:02 - 2010-11-20 12:06 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2016-01-12 21:02 - 2010-11-20 12:04 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-01-12 21:02 - 2010-11-20 11:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2016-01-12 21:02 - 2010-11-20 11:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-01-12 21:02 - 2010-11-20 11:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-01-12 21:02 - 2010-11-20 11:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-01-12 21:02 - 2010-11-20 11:51 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-01-12 21:02 - 2010-11-20 11:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2016-01-12 21:02 - 2010-11-20 11:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-01-12 21:02 - 2010-11-20 11:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2016-01-12 21:02 - 2010-11-20 11:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2016-01-12 21:02 - 2010-11-20 11:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2016-01-12 21:02 - 2010-11-20 11:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-01-12 21:02 - 2010-11-20 11:43 - 00109696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2016-01-12 21:02 - 2010-11-20 11:43 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-01-12 21:02 - 2010-11-20 11:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2016-01-12 21:02 - 2010-11-20 11:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-01-12 21:02 - 2010-11-20 11:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2016-01-12 21:02 - 2010-11-20 11:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2016-01-12 21:02 - 2010-11-20 11:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2016-01-12 21:02 - 2010-11-20 11:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-01-12 21:02 - 2010-11-20 11:09 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2016-01-12 21:02 - 2010-11-20 11:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-01-12 21:02 - 2010-11-20 10:57 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
2016-01-12 21:02 - 2010-11-20 10:57 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
2016-01-12 21:02 - 2010-11-20 10:57 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2016-01-12 21:02 - 2010-11-20 10:57 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2016-01-12 21:02 - 2010-11-20 10:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2016-01-12 21:02 - 2010-11-20 10:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2016-01-12 21:02 - 2010-11-20 10:49 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-01-12 21:02 - 2010-11-20 10:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2016-01-12 21:02 - 2010-11-20 10:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-01-12 21:02 - 2010-11-20 10:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2016-01-12 21:02 - 2010-11-20 10:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2016-01-12 21:02 - 2010-11-10 02:48 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
2016-01-12 21:02 - 2010-11-05 03:20 - 00105559 _____ C:\Windows\SysWOW64\RacRules.xml
2016-01-12 21:02 - 2010-11-05 03:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
2016-01-12 21:02 - 2010-11-05 03:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2016-01-12 21:02 - 2010-11-05 03:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2016-01-12 21:02 - 2010-11-05 02:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-01-12 21:02 - 2010-11-05 02:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-01-12 21:02 - 2010-11-05 02:57 - 00154960 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-01-12 21:02 - 2009-06-10 22:39 - 00001041 _____ C:\Windows\SysWOW64\tcpbidi.xml
2016-01-12 20:12 - 2015-12-16 15:53 - 00523384 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-01-12 20:12 - 2015-12-16 15:53 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-01-12 20:12 - 2015-12-16 15:39 - 00103032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-01-12 20:09 - 2015-12-16 18:34 - 42977072 _____ C:\Windows\system32\nvcompiler.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 37609080 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 31061624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 24895792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 21122456 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 20663816 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 17561432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 17156968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 16981976 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 16286888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 12334200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-01-12 20:09 - 2015-12-16 18:34 - 03168376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 02755704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 01915696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436143.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436143.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00938104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00872056 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00734512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00681592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00469144 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00423264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00416376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00370808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-01-12 20:09 - 2015-12-16 18:34 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-01-12 20:09 - 2015-12-16 18:34 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-01-12 19:26 - 2015-12-09 02:51 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-01-09 22:42 - 2016-01-12 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-09 20:02 - 2016-01-16 11:20 - 00000000 ____D C:\MaerkteBewerbungen
2016-01-02 19:20 - 2016-01-02 19:20 - 00000434 _____ C:\Users\volker\Desktop\Frauen Kleid Rundhals Langarm Zurück Rei?verschluss hohe Schlitz an der Seite Split allm?hliche Ver?nderung Maxi Kleid Abend.URL
2016-01-01 10:27 - 2016-01-01 10:27 - 00001359 _____ C:\Users\volker\Desktop\Anno2205 Manual.pdf.lnk
2016-01-01 10:26 - 2016-01-01 10:26 - 00028750 _____ C:\Users\volker\sysinfo.txt
2015-12-31 16:38 - 2015-12-31 16:38 - 00023660 _____ C:\Users\volker\Documents\Onion Store - Thank you Volker!.pdf
2015-12-27 11:21 - 2015-12-27 11:21 - 00000220 _____ C:\Users\volker\Desktop\Fashion Jewelry Wholesale Store - Onlineshop für kleine Bestellungen, popul?re chain pen,chain link wire mesh,chain link fenc.URL
2015-12-25 10:20 - 2015-12-25 10:20 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-24 14:07 - 2015-12-24 14:07 - 00109261 _____ C:\Users\volker\Documents\20151225_Spectre_www.uci-kinowelt.pdf
2015-12-23 09:22 - 2015-12-23 09:22 - 02585353 _____ C:\Users\volker\Documents\Onion_relay_Data_ENG_SS_108-98001_V_IM_0614_v1.pdf
2015-12-23 09:12 - 2015-12-23 09:12 - 00000289 _____ C:\Users\volker\Desktop\Gro?handel 925 Sterling Silber Ohrringe Gallery - Billig kaufen 925 Sterling Silber Ohrringe Partien bei Aliexpress.com.URL

==================== Ein Monat: Ge?nderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-16 14:29 - 2015-07-11 12:49 - 00000000 ____D C:\Users\volker\Downloads\SPECIAL
2016-01-16 14:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-16 14:02 - 2013-02-24 20:32 - 00000000 ____D C:\Windows\rescache
2016-01-16 13:59 - 2015-02-01 14:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-16 13:34 - 2015-06-17 06:23 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001UA.job
2016-01-16 13:34 - 2015-06-17 06:23 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001Core.job
2016-01-16 11:10 - 2015-06-26 16:58 - 00000422 _____ C:\Windows\Tasks\Macrium-Backup-{E55A40A9-5BB6-4F15-B40E-46AAECC47709}.job
2016-01-16 11:06 - 2011-02-27 07:26 - 00392940 _____ C:\Windows\system32\prfh0404.dat
2016-01-16 11:06 - 2011-02-27 07:26 - 00115072 _____ C:\Windows\system32\prfc0404.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00420342 _____ C:\Windows\system32\perfh012.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00408696 _____ C:\Windows\system32\perfh011.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00375868 _____ C:\Windows\system32\prfh0804.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00122082 _____ C:\Windows\system32\perfc011.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00120366 _____ C:\Windows\system32\perfc012.dat
2016-01-16 11:06 - 2009-12-12 00:24 - 00119574 _____ C:\Windows\system32\prfc0804.dat
2016-01-16 11:06 - 2009-07-14 18:58 - 00689126 _____ C:\Windows\system32\perfh007.dat
2016-01-16 11:06 - 2009-07-14 18:58 - 00149098 _____ C:\Windows\system32\perfc007.dat
2016-01-16 11:06 - 2009-07-14 06:13 - 03694660 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-16 11:06 - 2009-07-14 05:45 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-16 11:06 - 2009-07-14 05:45 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-16 11:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-16 11:01 - 2014-07-21 17:30 - 00000000 ____D C:\Users\Apache
2016-01-16 10:59 - 2015-02-01 14:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-16 10:59 - 2013-04-20 20:34 - 00000000 ____D C:\Users\cyg_server
2016-01-16 10:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-16 10:58 - 2011-08-06 07:24 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-16 09:52 - 2009-12-11 18:55 - 00000000 ____D C:\Users\volker
2016-01-16 08:14 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-01-15 23:59 - 2015-06-08 12:22 - 00000000 ____D C:\Users\volker\AppData\Roaming\npm
2016-01-15 23:07 - 2013-05-26 06:49 - 00000000 ____D C:\Users\volker\AppData\Roaming\vlc
2016-01-15 23:04 - 2010-01-22 17:13 - 00000000 ____D C:\Games
2016-01-15 22:15 - 2014-11-15 13:35 - 00000000 ____D C:\Temp
2016-01-12 23:09 - 2009-07-14 05:45 - 00344200 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-12 23:03 - 2011-02-27 07:24 - 00000000 ____D C:\Windows\system32\zh-CHT
2016-01-12 23:03 - 2009-12-12 00:18 - 00000000 ____D C:\Windows\SysWOW64\ko
2016-01-12 23:03 - 2009-12-12 00:17 - 00000000 ____D C:\Windows\SysWOW64\zh-CHS
2016-01-12 23:03 - 2009-12-12 00:17 - 00000000 ____D C:\Windows\system32\zh-CHS
2016-01-12 23:03 - 2009-12-12 00:16 - 00000000 ____D C:\Windows\SysWOW64\ja
2016-01-12 23:03 - 2009-07-14 19:18 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-01-12 23:03 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-01-12 23:03 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Setup
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\manifeststore
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-01-12 23:03 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-12 21:44 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2016-01-12 21:44 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2016-01-12 20:12 - 2014-07-10 08:56 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-12 20:10 - 2013-06-18 17:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-12 20:10 - 2009-12-12 22:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-12 20:06 - 2012-04-26 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-12 19:26 - 2015-10-08 12:58 - 00001341 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-11 01:37 - 2015-06-26 16:58 - 00000424 _____ C:\Windows\Tasks\Macrium-Backup-{2FA4F3E8-ED06-4C68-BAAE-30F88E43ED56}.job
2016-01-10 11:47 - 2014-09-15 06:27 - 00000000 ____D C:\Users\volker\AppData\Local\Adobe
2016-01-10 11:47 - 2012-04-16 07:00 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-10 11:47 - 2011-05-15 13:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-10 09:08 - 2010-03-13 08:31 - 00000600 _____ C:\Users\volker\AppData\Local\PUTTY.RND
2016-01-10 07:40 - 2010-01-22 18:06 - 00000000 ____D C:\tmp
2016-01-10 01:00 - 2009-12-11 18:26 - 00000000 ____D C:\Users\volker\AppData\Local\ElevatedDiagnostics
2016-01-02 22:46 - 2015-11-06 21:39 - 00000000 ____D C:\Users\volker\Desktop\more
2016-01-02 08:15 - 2014-10-12 07:13 - 00000000 ____D C:\Users\volker\Desktop\info
2015-12-29 16:41 - 2014-11-29 09:20 - 00000000 ____D C:\Users\volker\AppData\Roaming\MySQL
2015-12-29 08:43 - 2010-07-24 21:41 - 00000000 ____D C:\Users\volker\Downloads\HK_saved
2015-12-27 09:39 - 2013-12-31 10:31 - 00000000 ____D C:\Users\volker\AppData\Local\HTC MediaHub
2015-12-27 09:39 - 2013-12-30 11:00 - 00000000 ____D C:\Users\volker\AppData\Roaming\Dropbox
2015-12-27 09:39 - 2009-12-11 18:13 - 00075960 _____ C:\Users\volker\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-25 10:20 - 2014-04-13 10:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-17 08:22 - 2013-08-03 13:40 - 00000000 ____D C:\Users\volker\AppData\Roaming\Media Player Classic

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-04-24 11:48 - 2013-04-23 11:45 - 0007614 _____ () C:\Users\volker\AppData\Roaming\.freeciv-client-rc-2.3
2015-12-11 07:42 - 2015-12-11 07:42 - 0000384 _____ () C:\Users\volker\AppData\Roaming\CompatAdmin.log
2011-12-22 14:48 - 2011-12-22 14:48 - 0001025 _____ () C:\Users\volker\AppData\Roaming\DVDSubEdit.ini
2013-06-02 12:59 - 2013-11-24 07:39 - 0000045 _____ () C:\Users\volker\AppData\Roaming\jdm.conf
2014-11-07 15:14 - 2014-09-27 18:04 - 0409494 _____ () C:\Users\volker\AppData\Roaming\PowerManagerSQLProfilingLog.txt
2012-08-04 13:00 - 2012-06-13 00:57 - 11632640 _____ () C:\Users\volker\AppData\Roaming\Sandra.mdb
2012-06-09 22:00 - 2015-11-01 08:23 - 0000600 _____ () C:\Users\volker\AppData\Roaming\winscp.rnd
2015-04-04 10:38 - 2015-12-11 15:40 - 0008192 _____ () C:\Users\volker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 19:53 - 2014-07-11 19:53 - 1065984 _____ () C:\Users\volker\AppData\Local\file__0.localstorage
2010-03-13 08:31 - 2016-01-10 09:08 - 0000600 _____ () C:\Users\volker\AppData\Local\PUTTY.RND
2009-12-19 09:12 - 2015-08-16 12:35 - 0007605 _____ () C:\Users\volker\AppData\Local\Resmon.ResmonCfg
2012-05-19 09:17 - 2014-11-16 07:10 - 0004952 _____ () C:\ProgramData\ipqjxxho.fyn
2010-08-14 20:54 - 2012-12-26 13:33 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gel?scht werden sollten:
====================
C:\Users\volker\unshare.bat


Einige Dateien in TEMP:
====================
C:\Users\volker\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\volker\AppData\Local\Temp\nvStInst.exe
C:\Users\volker\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-09 00:12

==================== Ende von FRST.txt ============================
         


Alt 17.01.2016, 11:10   #6
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Gesplittete Logfiles



Additonal.txt
Code:
ATTFilter
Zus?tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von volker (2016-01-16 14:30:50)
Gestartet von C:\Users\volker\Downloads\SPECIAL
Windows 7 Ultimate Service Pack 1 (X64) (2009-12-11 17:55:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2245305492-3031918622-1259896419-500 - Administrator - Disabled)
Apache (S-1-5-21-2245305492-3031918622-1259896419-1010 - Limited - Enabled) => C:\Users\Apache
cyg_server (S-1-5-21-2245305492-3031918622-1259896419-1006 - Administrator - Enabled) => C:\Users\cyg_server
Gast (S-1-5-21-2245305492-3031918622-1259896419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2245305492-3031918622-1259896419-1003 - Limited - Enabled)
sshd (S-1-5-21-2245305492-3031918622-1259896419-1005 - Limited - Disabled)
UbuntuTest (S-1-5-21-2245305492-3031918622-1259896419-1004 - Limited - Enabled) => C:\Users\UbuntuTest
volker (S-1-5-21-2245305492-3031918622-1259896419-1001 - Administrator - Enabled) => C:\Users\volker

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" k?nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

μTorrent (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\uTorrent) (Version: 3.4.2.37594 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{4198fd8f-98bd-4240-9b3a-ab2643e532f6}) (Version: 1.3.708.0 - Futuremark)
3DMark (Version: 1.3.708.0 - Futuremark) Hidden
7 Wonders 4: Magical Mystery Tour (HKLM-x32\...\7 Wonders 4: Magical Mystery Tour) (Version: 1.0.0.0 - INTENIUM GmbH)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Farewell to Dragons (Remove Only) (HKLM-x32\...\{3D25AA91-4560-48C1-96B5-DE22D6707A16}_is1) (Version: 1.0.0.0 - 1C Publishing)
A Vampyre Story (HKLM-x32\...\A Vampyre Story) (Version:  - )
Accent ZIP Password Recovery (HKLM\...\{91A81C84-05EC-4362-950D-077A69C8C660}) (Version: 4.80.48.3363 - Passcovery Co. Ltd.)
ACE Online (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\{A84EF2EA-FA7E-495C-9581-933496C9B9E9}}_is1) (Version:  - Suba Games)
ActivePerl 5.16.3 Build 1603 (HKLM-x32\...\{F13F89CB-448B-49B0-BC63-4746499167C6}) (Version: 5.16.1603 - ActiveState)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 2 64-bit (HKLM\...\{9B9162E8-4274-4323-A31B-444ECA641B8A}) (Version: 2 - Adobe)
Aerie: Seele des Waldes (HKLM-x32\...\Aerie: Seele des Waldes) (Version: 1.0.0.0 - INTENIUM GmbH)
AI War - Ancient Shadows (HKLM-x32\...\AI War - Ancient Shadows 6.000) (Version: 6.000 - Arcen Games, LLC)
AI War - Children of Neinzul (HKLM-x32\...\AI War - Children of Neinzul 4.000) (Version: 4.000 - Arcen Games, LLC)
AI War - Light of the Spire (HKLM-x32\...\AI War - Light of the Spire 5.000) (Version: 5.000 - Arcen Games, LLC)
AI War - The Zenith Remnant (HKLM-x32\...\AI War - The Zenith Remnant 4.000) (Version: 4.000 - Arcen Games, LLC)
AI War (HKLM-x32\...\AI War 7.000) (Version: 7.000 - Arcen Games, LLC)
AI War Auto-Updater (HKLM-x32\...\AI War - Vengeance Of The Machine 7.000) (Version: 0 - Arcen Games, LLC)
Aladins Wunderlampe (HKLM-x32\...\Aladins Wunderlampe) (Version: 1.0.0.0 - INTENIUM GmbH)
Alamandi (HKLM-x32\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
Anno2070 (HKLM\...\{6fbf219c-9925-4b77-b9b5-a3909590bfd3}.sdb) (Version:  - )
Apache HTTP Server 2.2.15 (HKLM-x32\...\{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}) (Version: 2.2.15 - Apache Software Foundation)
Apache Logs Viewer 3 (HKLM-x32\...\{1FE54A29-9516-443E-8F05-A0A8D75C2CF8}) (Version: 3.0.59 - iannet)
AppInventor Setup (HKLM-x32\...\AppInventor Setup) (Version: 1.1 - Google Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ArcaniA - Fall of Setarrif (HKLM-x32\...\{BA1F2D65-B22F-47C7-A3D0-A7827DF20272}_is1) (Version:  - JoWooD Entertainment AG)
ArcaniA - Gothic 4 (HKLM-x32\...\ArcaniA) (Version:  - JoWooD Entertainment AG)
ArcaniA - Gothic 4 Patch (HKLM-x32\...\{EE74D039-45D7-44E9-BF95-B9CFB015964F_P1Sec}_is1) (Version:  - JoWooD Entertainment AG)
Architekt Pro (HKLM-x32\...\{94E827D5-5861-4B97-B8F8-CDB59777493D}) (Version: 1.00.0000 - Creative Works)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Aura 2 - The Sacred Rings (HKLM-x32\...\Aura 2 - The Sacred Rings_is1) (Version:  - GamersGate)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoIt v3.3.6.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
AutoRunnerU (HKLM-x32\...\AutoRunnerU) (Version: 1.2.6 - Bernhard Fomm, München)
AutoRunnerX (HKLM-x32\...\AutoRunnerX) (Version: 1.4.1 - Bernhard Fomm, Munich)
Avalon Legends Solitaire (HKLM-x32\...\Avalon Legends Solitaire) (Version: 1.0.0.0 - INTENIUM GmbH)
AVM FRITZ!fax f黵 FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Azteca (HKLM-x32\...\Azteca) (Version: 1.0.0.0 - INTENIUM GmbH)
Ballville: Der Anfang (HKLM-x32\...\Ballville: Der Anfang) (Version: 1.0.0.0 - INTENIUM GmbH)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Bato (HKLM-x32\...\Bato) (Version: 0.0.0.0 - INTENIUM GmbH)
Battle for Wesnoth 1.8.5 (HKLM-x32\...\Battle for Wesnoth 1.8.5) (Version: 1.8.5 - )
Battle Mages (HKLM-x32\...\Battle Mages) (Version: 1.0 - )
Bauern-Gl點k (HKLM-x32\...\Bauern-Gl點k) (Version: 1.0.0.0 - INTENIUM GmbH)
Bauern-Spa? (HKLM-x32\...\Bauern-Spa?) (Version: 1.0.0.0 - INTENIUM GmbH)
Bauherren-Handbuch (HKLM-x32\...\HPR_Bauherr) (Version:  - )
Beetle Ju 2 (HKLM-x32\...\Beetle Ju 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Beetle Ju 3 (VOLLVERSION) (HKLM-x32\...\Beetle Ju 3 (VOLLVERSION)) (Version: 1.0.0.0 - INTENIUM GmbH)
Bengal (HKLM-x32\...\Bengal) (Version: 1.0.0.0 - INTENIUM GmbH)
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version:  - )
BidCoS Service (HKLM-x32\...\BidCoS Service) (Version: 1.509 - eQ-3 Entwicklung GmbH)
BidCoS Service (x32 Version: 1.509 - eQ-3 Entwicklung GmbH) Hidden
Bing Ads Editor (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\{368b9978-8160-45ec-8887-a4dcc61b09db}) (Version: 10.7.2107.9608 - Microsoft Corporation)
Bing Ads Editor (x32 Version: 10.7.2107.9608 - Microsoft Corporation) Hidden
Black Market version 1.0 (HKLM-x32\...\Black Market_is1) (Version: 1.0 - )
Black Mirror 2 (HKLM-x32\...\Black Mirror 2_is1) (Version:  - dtp)
Black Prophecy (HKLM-x32\...\Black Prophecy_is1) (Version:  - )
Blackmagic Fusion (HKLM\...\{44A1D808-679A-4F32-B11C-A0B765B8FFB7}) (Version: 7.50.1477 - Blackmagic Design)
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
BroadWave Audio Streaming Server (HKLM-x32\...\BroadWave) (Version:  - NCH Software)
Broken Sword 2.5 (HKLM-x32\...\Broken Sword 2.5_is1) (Version:  - mindFactory)
Build-a-lot Fairy Tales (HKLM-x32\...\Build-a-lot Fairy Tales) (Version: 1.0.0.0 - INTENIUM GmbH)
Build-a-lot: The Elizabethan Era (HKLM-x32\...\Build-a-lot: The Elizabethan Era) (Version: 1.0.0.0 - INTENIUM GmbH)
Bulk Image Downloader v4.91.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)
Burger Bustle (HKLM-x32\...\Burger Bustle) (Version: 1.0.0.0 - INTENIUM GmbH)
Cake Mania: Main Street (HKLM-x32\...\Cake Mania: Main Street) (Version: 1.0.0.0 - INTENIUM GmbH)
Calme version 2012 (HKLM-x32\...\{297ACAAE-FAAC-4817-A3BE-336F63399DA3}_is1) (Version: 2012 - Metin Elma)
Cave Quest (HKLM-x32\...\Cave Quest) (Version: 1.0.0.0 - INTENIUM GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Chainz Galaxy (HKLM-x32\...\Chainz Galaxy) (Version: 1.0.0.0 - INTENIUM GmbH)
Children of the Nile - Alexandria (HKLM-x32\...\Children of the Nile - Alexandria_is1) (Version:  - GamersGate)
Children of the Nile (HKLM-x32\...\Children of the Nile_is1) (Version:  - GamersGate)
Cities XL Platinum (HKLM-x32\...\Cities XL Platinum) (Version: 1.0.0 - Focus Home Interactive)
ClamWin Free Antivirus 0.98.7 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version:  - alch)
ClipGrab 3.1.3.0 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.0.0.0 - concept/design GmbH)
concept/design onlineTV 6 (HKLM-x32\...\{5BF5331F-E271-4A1F-AF5D-30A93EFF2584}_is1) (Version: onlineTV 6 - concept/design GmbH)
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: Video Jukebox - concept/design GmbH)
Cosmo Player 2.1.1 (HKLM-x32\...\CosmoPlayer) (Version:  - )
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Criminal Minds (HKLM-x32\...\Criminal Minds) (Version: 1.0.0.0 - INTENIUM GmbH)
CrossWorlds – Die Stadt in den Wolken (HKLM-x32\...\CrossWorlds – Die Stadt in den Wolken) (Version: 1.0.0.0 - INTENIUM GmbH)
CSVed 2.0.1 (HKLM-x32\...\CSVed_is1) (Version: 2.0.1 - SJ Francke)
Cuttermaran 1.70 (HKLM-x32\...\{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}) (Version: 1.7.0 - toarnold)
Daossoft ZIP Password Recovery 7.0.0.1 (HKLM-x32\...\Daossoft ZIP Password Recovery) (Version: 7.0.0.1 - Daossoft)
Daossoft ZIP Password Rescuer (HKLM-x32\...\Daossoft ZIP Password Rescuer) (Version: 7.0.0.1 - Daossoft)
Dark Angels: Maskerade der Schatten (HKLM-x32\...\Dark Angels: Maskerade der Schatten) (Version: 1.0.0.0 - INTENIUM GmbH)
Darkstar One (HKLM-x32\...\Darkstar One_is1) (Version:  - )
Das gelobte Land (HKLM-x32\...\Das gelobte Land) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Gold von Alaska (HKLM-x32\...\Das Gold von Alaska) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Rettungsteam (HKLM-x32\...\Das Rettungsteam) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Rettungsteam 2 (HKLM-x32\...\Das Rettungsteam 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Rettungsteam 3 (HKLM-x32\...\Das Rettungsteam 3) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Smaragd-Riff 2 (HKLM-x32\...\Das Smaragd-Riff 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Verm?chtnis der Insel (Vorschau) (HKLM-x32\...\Das Verm?chtnis der Insel (Vorschau)) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Verm鋍htnis der Insel 2 (HKLM-x32\...\Das Verm鋍htnis der Insel 2) (Version: 1.0.0.0 - INTENIUM GmbH)
DAZ 3D Install Manager 1 (HKLM-x32\...\DAZ 3D Install Manager 1 1.0.1.75) (Version: 1.0.1.75 - DAZ 3D)
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.6.0 - oldsch00l)
DDGUID COM DLL version 1.0.0.0 (HKLM-x32\...\{121E7E7D-9AFB-44B1-83B4-EC8502422445}_is1) (Version: 1.0.0.0 - ITS Detlev Dalitz)
Declan's Chinese Dictionary v1.5 (HKLM-x32\...\Declan's Chinese Dictionary_is1) (Version: 1.5.3725 - Declan Software, Inc.)
Declan's Chinese FlashCards v1.6 (HKLM-x32\...\Declan's Chinese FlashCards_is1) (Version: 1.6.3240 - Declan Software, Inc.)
Der Bau der Chinesischen Mauer (HKLM-x32\...\Der Bau der Chinesischen Mauer) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Bau der Chinesischen Mauer Sammleredition (HKLM-x32\...\Der Bau der Chinesischen Mauer Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Exorzist II (HKLM-x32\...\Der Exorzist II) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Exorzist III: Geburt der Finsternis (HKLM-x32\...\Der Exorzist III: Geburt der Finsternis) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Gesandte des K鰊igs 2 (HKLM-x32\...\Der Gesandte des K鰊igs 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Der gro?e Baum (HKLM-x32\...\Der gro?e Baum) (Version: 0.0.0.0 - INTENIUM GmbH)
Der Schatz des K?nigs (HKLM-x32\...\Der Schatz des K?nigs) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Stamm der Azteken: Neues Land (HKLM-x32\...\Der Stamm der Azteken: Neues Land) (Version: 1.0.0.0 - INTENIUM GmbH)
Deus Ex - Invisible War (HKLM-x32\...\{0B6A9773-F8F8-4D3F-BCF0-029D2B87DB8A}) (Version: 1.2 - )
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
DEUTSCHLAND SPIELT Spiele Post (HKLM-x32\...\DEUTSCHLAND SPIELT Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
Deutschland-Spielt ?Das Kreuzwortr鋞sel (HKLM-x32\...\Deutschland-Spielt ?Das Kreuzwortr鋞sel) (Version: 1.0.0.0 - INTENIUM GmbH)
Diamantenfee (VOLLVERSION) (HKLM-x32\...\Diamantenfee (VOLLVERSION)) (Version: 1.0.0.0 - INTENIUM GmbH)
Diamond Drop (HKLM-x32\...\Diamond Drop) (Version: 1.0.0.0 - INTENIUM GmbH)
Diamond Drop 2 (HKLM-x32\...\Diamond Drop 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Die 4 Elemente II (HKLM-x32\...\Die 4 Elemente II) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Chroniken von Emerland – Solitaire (HKLM-x32\...\Die Chroniken von Emerland – Solitaire) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Fisch-Oase 2 (HKLM-x32\...\Die Fisch-Oase 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Fisch-Oase 3 (HKLM-x32\...\Die Fisch-Oase 3) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Kreuzwort-Ritter und der Turm von Babel (HKLM-x32\...\Die Kreuzwort-Ritter und der Turm von Babel) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Legende von Atlantis: Exodus (HKLM-x32\...\Die Legende von Atlantis: Exodus) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Legende von Atlantis: Perlen aus der Tiefe (HKLM-x32\...\Die Legende von Atlantis: Perlen aus der Tiefe) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Prophezeiung der Inka 2 (HKLM-x32\...\Die Prophezeiung der Inka 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Ritter (HKLM-x32\...\Die Ritter) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Sage von Kolossus (HKLM-x32\...\Die Sage von Kolossus) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Siedler 2 - Die n鋍hste Generation (HKLM-x32\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT)
Die Wiege Olympias 2 (HKLM-x32\...\Die Wiege Olympias 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Wiege Olympias 3 (HKLM-x32\...\Die Wiege Olympias 3) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Wiege 膅yptens (HKLM-x32\...\Die Wiege 膅yptens) (Version: 1.0.0.0 - INTENIUM GmbH)
Distant Worlds (HKLM-x32\...\Distant Worlds1.0.7.0) (Version: 1.0.7.0 - Matrix Games)
Divine Souls (Suba Games) (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\DivineSoulsAtSubaGames_is1) (Version: 10 - Suba Games)
Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version:  - dtp)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 1.0.5.13 - DivX, Inc. )
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dragon Keeper 2 (HKLM-x32\...\Dragon Keeper 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Dream Inn: Driftwood (HKLM-x32\...\Dream Inn: Driftwood) (Version: 1.0.0.0 - INTENIUM GmbH)
Dropbox (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)
DVRManager (HKLM-x32\...\{8973631B-D3CE-4F74-8A72-F734D928B940}) (Version:  - )
Dyn Updater (HKLM-x32\...\DynUpdater) (Version: 4.1.10 - Dyn, Inc.)
easyLotto-Lite (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\bb2ae2cb1fbfa1ab) (Version: 1.0.0.0 - PEBO-Software)
EHEIM ControlCenter (HKLM-x32\...\EHEIM ControlCenter) (Version: 1.0.5.2 - EHEIM GmbH & Co. KG)
Ein Yankee unter Rittern (HKLM-x32\...\Ein Yankee unter Rittern) (Version: 1.0.0.0 - INTENIUM GmbH)
Ein Yankee unter Rittern 2 (HKLM-x32\...\Ein Yankee unter Rittern 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Elite Dangerous Launcher version 0.4.4347.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.4347.0 - Frontier Developments)
Elixir version 1.2.1 (HKLM-x32\...\Elixir_is1) (Version: 1.2.1 - ElixirLang)
Ember Media Manager BETA (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Ember Media Manager BETA) (Version:  - Team Ember Media Manager)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Enterprise Architect (HKLM-x32\...\{FB1FA4DA-DFFA-4EC0-A6F1-3E2A8B9724A2}) (Version: 12.0.1215.11 - Sparx Systems)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.0.2 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Erlang OTP 18 (7.1) (HKLM-x32\...\Erlang OTP 18 (7.1)) (Version:  - )
Eterium Demo (HKLM-x32\...\{49053068-6446-481F-848B-F379DFAF7774}) (Version: 1.0.0.3355 - Rogue Earth LLC)
Eternity (HKLM-x32\...\Eternity) (Version: 1.0.0.0 - INTENIUM GmbH)
EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
Exif Farm 2.1 (HKLM\...\Exif Farm_is1) (Version: 2.1 - Two Pilots)
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.68 - NCH Software)
Farm Craft 2 (HKLM-x32\...\Farm Craft 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Farm Quest (HKLM-x32\...\Farm Quest) (Version: 1.0.0.0 - INTENIUM GmbH)
Farm Tribe (HKLM-x32\...\Farm Tribe) (Version: 1.0.0.0 - INTENIUM GmbH)
Farmington Tales: Geschichten vom Land (HKLM-x32\...\Farmington Tales: Geschichten vom Land) (Version: 1.0.0.0 - INTENIUM GmbH)
Ferne K?nigreiche: Die Elemente der Magie (HKLM-x32\...\Ferne K?nigreiche: Die Elemente der Magie) (Version: 0.0.0.0 - INTENIUM GmbH)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.2.6 - Telerik)
Fiddler Syntax-Highlighting Addons (HKLM-x32\...\FiddlerSyntaxAddons) (Version:  - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Flash Stream Hunter 1.0.12 (HKLM-x32\...\Flash Stream Hunter) (Version: 1.0.12 - www.mplaze.com)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Freeciv 2.3.0-beta3 (GTK+ client) (HKLM-x32\...\Freeciv-2.3.0-beta3-gtk2) (Version:  - )
FreeOrion 0.4.3 (HKLM-x32\...\FreeOrion) (Version: 0.4.3 - FreeOrion Community)
Freespace 2 (HKLM-x32\...\GOGPACKFREESPACE2_is1) (Version: 2.0.0.8 - GOG.com)
FreeSpace2Demo (HKLM-x32\...\FreeSpace2Demo) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Galactic Civilizations II Demo (HKLM-x32\...\Galactic Civilizations II Demo) (Version:  - )
Galaxy on Fire 2? Full HD (HKLM-x32\...\Steam App 212010) (Version:  - Fishlabs Entertainment GmbH)
Game Launcher (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Game Launcher) (Version: 12345.0.0.0 - Splitscreen Studios GmbH)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Garten-Glück 2 (HKLM-x32\...\Garten-Glück 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Garten-Glück: Jetzt wird renoviert! (HKLM-x32\...\Garten-Glück: Jetzt wird renoviert!) (Version: 1.0.0.0 - INTENIUM GmbH)
Garten-Gl點k: Jetzt wird renoviert! (HKLM-x32\...\Garten-Gl點k: Jetzt wird renoviert!) (Version: 1.0.0.0 - INTENIUM GmbH)
GE (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\ge-a720d5416927420421c794affc234984) (Version: 1.6.0 - Apache Cordova Team)
Geflüsterte Geschichten: Die Zwillinge (HKLM-x32\...\Geflüsterte Geschichten: Die Zwillinge) (Version: 1.0.0.0 - INTENIUM GmbH)
Geheime F鋖le: Auf den Spuren von Casanova (HKLM-x32\...\Geheime F鋖le: Auf den Spuren von Casanova) (Version: 1.0.0.0 - INTENIUM GmbH)
Geheime F鋖le: Die gestohlene Venus (HKLM-x32\...\Geheime F鋖le: Die gestohlene Venus) (Version: 1.0.0.0 - INTENIUM GmbH)
Geheime F鋖le: Die gestohlene Venus 2 (HKLM-x32\...\Geheime F鋖le: Die gestohlene Venus 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Geheime F鋖le: Vermisst in Rom (HKLM-x32\...\Geheime F鋖le: Vermisst in Rom) (Version: 1.0.0.0 - INTENIUM GmbH)
Geheimnis von Montezuma 3 (HKLM-x32\...\Geheimnis von Montezuma 3) (Version: 1.0.0.0 - INTENIUM GmbH)
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Freespace 2 (HKLM\...\{18fd605c-27de-4827-8faa-7a7e1fd2c6fb}.sdb) (Version:  - )
Goldene Jahre: Der weite Westen (HKLM-x32\...\Goldene Jahre: Der weite Westen) (Version: 1.0.0.0 - INTENIUM GmbH)
Goldfieber: Bankraub in Sunnyvale (HKLM-x32\...\Goldfieber: Bankraub in Sunnyvale) (Version: 1.0.0.0 - INTENIUM GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\{9F78DB3D-4F90-4A10-AD0A-85C271C88106}) (Version: 1.0.0 - JoWood)
Great Adventures: Lost in Mountains (HKLM-x32\...\Great Adventures: Lost in Mountains) (Version: 1.0.0.0 - INTENIUM GmbH)
Green Valley (HKLM-x32\...\Green Valley) (Version: 1.0.0.0 - INTENIUM GmbH)
Grusel-Trubel (HKLM-x32\...\Grusel-Trubel) (Version: 1.0.0.0 - INTENIUM GmbH)
Gunblade Saga (HKLM-x32\...\{0AC07A77-0511-4904-9FA1-616DC9BEF50D}) (Version: 11.09.30 - Mail.Ru Games GmbH)
Hajloo.FOSS.UnicodeConverter.Windows.UI (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\6e66985573afb97c) (Version: 1.0.0.1 - Hajloo.FOSS.UnicodeConverter.Windows.UI)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Happyville (HKLM-x32\...\Happyville) (Version: 1.0.0.0 - INTENIUM GmbH)
Haus der 1000 T黵en 2: Das Juwel des Zarathustra (HKLM-x32\...\Haus der 1000 T黵en 2: Das Juwel des Zarathustra) (Version: 1.0.0.0 - INTENIUM GmbH)
Hddb File Search (HKLM-x32\...\Hddb) (Version: 2.0.0 - hddb.xp-zed.com)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heroes of Kalevala (HKLM-x32\...\Heroes of Kalevala) (Version: 1.0.0.0 - INTENIUM GmbH)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroku version 3.2.0 (HKLM-x32\...\Heroku_is1) (Version: 3.2.0 - )
Hidden Object Crosswords (HKLM-x32\...\Hidden Object Crosswords) (Version: 1.0.0.0 - INTENIUM GmbH)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HomeMatic Config (HKLM-x32\...\HomeMatic Config) (Version: 1.511 - eQ-3 Entwicklung GmbH)
HomeMatic Config (x32 Version: 1.511 - eQ-3 Entwicklung GmbH) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.11.0 - HTC)
Hühner-Rache (HKLM-x32\...\Hühner-Rache) (Version: 1.0.0.0 - INTENIUM GmbH)
H黨ner-Attacke Deluxe (HKLM-x32\...\H黨ner-Attacke Deluxe) (Version: 1.0.0.0 - INTENIUM GmbH)
H黨ner-Rache Deluxe (VOLLVERSION) (HKLM-x32\...\H黨ner-Rache Deluxe (VOLLVERSION)) (Version: 1.0.0.0 - INTENIUM GmbH)
Icecream Screen Recorder version 1.37 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 1.37 - Icecream Apps)
Im Land der Wikinger (HKLM-x32\...\Im Land der Wikinger) (Version: 1.0.0.0 - INTENIUM GmbH)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
ImageMagick 6.9.1-4 Q16 (64-bit) (2015-07-15) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Jack of all Tribes (HKLM-x32\...\Jack of all Tribes) (Version: 1.0.0.0 - INTENIUM GmbH)
Jane Lucky (HKLM-x32\...\Jane Lucky) (Version: 1.0.0.0 - INTENIUM GmbH)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java(TM) SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
JaVaWa Device Manager 2.6 (HKLM-x32\...\{4D700EE8-5A7D-43C1-B4E2-BC8A22B482DD}_is1) (Version: 2.6 - JaVaWa GPS-tools)
JetBrains RubyMine 3.2.2 (HKLM-x32\...\RubyMine 3.2.2) (Version: 107.441 - JetBrains s.r.o.)
JetBrains RubyMine 3.2.4 (HKLM-x32\...\RubyMine 3.2.4) (Version: 107.612 - JetBrains s.r.o.)
JetBrains RubyMine 4.0.2 (HKLM-x32\...\RubyMine 4.0.2) (Version: 113.31 - JetBrains s.r.o.)
JetBrains RubyMine 4.0.3 (HKLM-x32\...\RubyMine 4.0.3) (Version: 117.230 - JetBrains s.r.o.)
JetBrains RubyMine 4.5.2 (HKLM-x32\...\RubyMine 4.5.2) (Version: 119.46 - JetBrains s.r.o.)
JetBrains RubyMine 5.0.2 (HKLM-x32\...\RubyMine 5.0.2) (Version: 125.94 - JetBrains s.r.o.)
JetBrains RubyMine 5.4.2 (HKLM-x32\...\RubyMine 5.4.2) (Version: 129.512 - JetBrains s.r.o.)
JetBrains RubyMine 7.1.2 (HKLM-x32\...\RubyMine 7.1.2) (Version: 141.1119 - JetBrains s.r.o.)
Jewel Charm (HKLM-x32\...\Jewel Charm) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Legends ?Tree of Life (HKLM-x32\...\Jewel Legends ?Tree of Life) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Legends: Atlantis (HKLM-x32\...\Jewel Legends: Atlantis) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Match 2 (HKLM-x32\...\Jewel Match 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Match 3 (HKLM-x32\...\Jewel Match 3) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Quest: Heritage (HKLM-x32\...\Jewel Quest: Heritage) (Version: 1.0.0.0 - INTENIUM GmbH)
Joe (HKLM-x32\...\{2F8C3308-46DC-4431-B1C0-5C579A5CADBE}) (Version: 3.08.0100 - Wirth IT Design)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Juliet Sex Session (HKLM-x32\...\Juliet Sex Session_is1) (Version:  - SexGameDevil.com)
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version:  - )
King’s Bounty Crossworlds (Remove Only) (HKLM-x32\...\{19838E63-F2B6-4EE3-81CA-9B61A5CE0673}_is1) (Version: 1.0.0.0 - 1C Company)
King's Bounty: Armored Princess (Remove Only) (HKLM-x32\...\{FEB32068-825C-4E99-9680-5571451B3787}_is1) (Version: 1.0.0.0 - 1C Company)
K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Kodi (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Kodi) (Version:  - XBMC-Foundation)
Lawn & Order: Die Gartenprofis (HKLM-x32\...\Lawn & Order: Die Gartenprofis) (Version: 1.0.0.0 - INTENIUM GmbH)
League of Angels version 2.1.1 (HKLM-x32\...\{5F5CDBCD-CA12-4C28-84CC-897BB1443117}_is1) (Version: 2.1.1 - YOUZU Games Hongkong Limited)
Legende von Horus (HKLM-x32\...\Legende von Horus) (Version: 0.0.0.0 - INTENIUM GmbH)
Legenden des Mahjong (HKLM-x32\...\Legenden des Mahjong) (Version: 1.0.0.0 - INTENIUM GmbH)
Light of Altair 1.00 (HKLM-x32\...\Light of Altair_is1) (Version:  - SaintXi)
LinkChecker 9.3 (HKLM-x32\...\LinkChecker_is1) (Version:  - )
LockHunter version 1.0 beta 3, 64 bit edition (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich, Ltd)
Log Parser 2.2 (HKLM-x32\...\{4AC23178-EEBC-4BAF-8CC0-AB15C8897AC9}) (Version: 2.2.10 - Microsoft Corporation)
Lost Souls: Die verzauberten Gem鋖de (HKLM-x32\...\Lost Souls: Die verzauberten Gem鋖de) (Version: 1.0.0.0 - INTENIUM GmbH)
Lost Via Domus (HKLM-x32\...\{2702B8FC-6003-4AC6-ADBC-EC65746D800A}) (Version: 1.0 - Ubisoft)
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.0 - Paramount Software (UK) Ltd.)
Macrium Reflect Home Edition (Version: 6.0.545 - Paramount Software (UK) Ltd.) Hidden
Magic Bookshop Mahjong (HKLM-x32\...\Magic Bookshop Mahjong) (Version: 0.0.0.0 - INTENIUM GmbH)
Magic Encyclopedia: Illusionen (HKLM-x32\...\Magic Encyclopedia: Illusionen) (Version: 1.0.0.0 - INTENIUM GmbH)
MailStore Home 8.2.0.9316 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.0.9316 - MailStore Software GmbH)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Master of Orion II (HKLM-x32\...\{C1003F7C-ECA5-4901-9337-FE727455F3AF}_is1) (Version:  - GamersGate)
Max Local Application (HKLM-x32\...\Max Local Application) (Version: 1.3.6 - ELV Elektronik AG)
Max Local Application (x32 Version: 1.3.6 - ELV Elektronik AG) Hidden
Mega World Smash (HKLM-x32\...\Mega World Smash) (Version: 1.0.0.0 - INTENIUM GmbH)
Mein kleiner Farmplanet (HKLM-x32\...\Mein kleiner Farmplanet) (Version: 1.0.0.0 - INTENIUM GmbH)
Meine kleine Farm: Helden der Wikinger (HKLM-x32\...\Meine kleine Farm: Helden der Wikinger) (Version: 1.0.0.0 - INTENIUM GmbH)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{08C3441C-4FAF-48D3-A551-70DD6031734F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation)
Microsoft GB18030 Support Package (HKLM-x32\...\{DEBACE7E-5DD1-42DB-AFE7-2B60E7CC80A8}) (Version: 1.0.1 - Microsoft)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Millionaire Manor: Die Wimmelbildshow (HKLM-x32\...\Millionaire Manor: Die Wimmelbildshow) (Version: 1.0.0.0 - INTENIUM GmbH)
Moonlight Match: Eine zauberhafte Nacht (HKLM-x32\...\Moonlight Match: Eine zauberhafte Nacht) (Version: 1.0.0.0 - INTENIUM GmbH)
Moorhuhn - Juwel der Finsternis (HKLM-x32\...\Moorhuhn - Juwel der Finsternis) (Version: 1.0.0.0 - INTENIUM GmbH)
Mosaic (HKLM-x32\...\Mosaic) (Version: 0.0.0.0 - INTENIUM GmbH)
Motor Town: Die Seelen der Maschinen (HKLM-x32\...\Motor Town: Die Seelen der Maschinen) (Version: 1.0.0.0 - INTENIUM GmbH)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 en-US)) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 en-US) (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Mozilla Thunderbird 38.5.1 (x86 en-US)) (Version: 38.5.1 - Mozilla)
MP3 Internet Renamer (HKLM-x32\...\{D5DA5515-B1D0-453D-82FA-F136AB927971}) (Version:  - )
Mp3tag v2.48 (HKLM-x32\...\Mp3tag) (Version: v2.48 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2012 - Abelssoft)
MySQL Documents 5.6 (HKLM-x32\...\{4D17B5C1-7388-4647-9A24-D5FDD173D4EA}) (Version: 5.6.27 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{3E1DCC2B-8A78-4E91-B2EC-9DCFE25D41FA}) (Version: 5.6.27 - Oracle Corporation)
MySQL Installer for Windows - Community (HKLM-x32\...\{3BA103F3-9F80-468F-A4D0-52ED5709B871}) (Version: 1.4.11.0 - Oracle Corporation)
MySQL Server 5.6 (HKLM\...\{861A680B-2084-444B-BE8D-89E153BEEEE3}) (Version: 5.6.27 - Oracle Corporation)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
M黱chhausens Unglaubliche Abenteuer (HKLM-x32\...\M黱chhausens Unglaubliche Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)
Nebel der Elfen (HKLM-x32\...\Nebel der Elfen) (Version: 1.0.0.0 - INTENIUM GmbH)
Neodrome version 1.1 (HKLM-x32\...\{41144EC9-C6C0-4007-AF7A-D72655C66692}_is1) (Version: 1.1 - Happy Hole Studios)
Netsparker [Community Edition] - Web Application Security Scanner (HKLM-x32\...\NetsparkerCommunityEdition) (Version:  - Mavituna Security Limited)
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version:  - )
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nexus: The Jupiter Incident - Singleplayer Demo (HKLM-x32\...\{0775D5AF-0458-4F04-867D-1C7DD0B70CD0}) (Version: 1.00.0000 - Mithis)
Nici v2.10 (HKLM-x32\...\Nici_is1) (Version:  - The DiScosel Group)
NmDecrypt 2.3 (HKLM\...\{EB5458DA-11D6-457D-87CF-E5001F042744}) (Version: 2.3.4.0 - Microsoft)
NMTopProtocols 3.2 (HKLM\...\{7C38E07B-48B5-4468-98C2-AA4C394ADC3A}) (Version: 3.2.0.0 - Outercurve Foundation)
NmTopUsers 2.2 (HKLM\...\{693DEB2F-5094-4B34-A54A-2148D3B2ADB2}) (Version: 2.2.0.0 - Outercurve)
Node.js (HKLM\...\{3B7D7D6B-6811-4E43-9206-2D20FFCB2AF2}) (Version: 4.2.4 - Node.js Foundation)
Notepad App (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Notepad App) (Version:  - Sun Microsystems, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NTFS Undelete 3.0.2.210 (HKLM-x32\...\NTFS Undelete_is1) (Version:  - Copyright ?2010 eSupport.com ?All Rights Reserved)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 2.46 - )
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA CUDA Toolkit v5.0 (64 bit) (HKLM\...\{03EF0B6E-6C0F-4939-9E3B-58A75C850A10}) (Version: 5.0.35.3 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Island Demo (HKLM-x32\...\{D422FDA2-EE96-4556-8F56-6713F92F4D1C}) (Version: 1.00 - )
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
o2c Player (HKLM-x32\...\o2c Player) (Version: 2.0.0.57 - Eleco PLC)
Octava SD4 (HKLM-x32\...\{E680BB35-F552-4B28-BE4F-8E7CE515636F}) (Version: 5.01 - Obtiv)
Octoshape Streaming Services (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\Octoshape Streaming Services) (Version:  - )
Oolite 1.76.1.4946 (HKLM-x32\...\Oolite) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
OpenOffice.org 3.2 Language Pack (English (United Kingdom)) (HKLM-x32\...\{A678B043-5E96-4437-84B2-0A3D25A1FB1D}) (Version: 3.2.9502 - OpenOffice.org)
OpenTTD 1.0.5 (HKLM-x32\...\OpenTTD) (Version: 1.0.5 - OpenTTD)
OpenVPN 2.3.1-I001  (HKLM\...\OpenVPN) (Version: 2.3.1-I001 - )
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Orbyx Deluxe (HKLM-x32\...\Orbyx Deluxe) (Version: 1.0.0.0 - INTENIUM GmbH)
OSFMount v1.5 (HKLM\...\OSFMount_is1) (Version: 1.5.1013 - Passmark Software)
Paradise Beach 2 (HKLM-x32\...\Paradise Beach 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Paragon Software Langenscheidt 7 (HKLM-x32\...\Paragon Software Langenscheidt 7) (Version:  - Paragon Software)
Parkan II (HKLM-x32\...\Parkan II_is1) (Version:  - GamersGate)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.1.5.34023 - Grinding Gear Games)
PcSoft 2.00 (HKLM-x32\...\PcSoft1011-2_is1) (Version:  - Hannes-Georg Liedtke)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heind鰎fer, Philip Chinery)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
pdfsam (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\pdfsam) (Version: 2.2.1 - )
Phantasmat (HKLM-x32\...\Phantasmat) (Version: 1.0.0.0 - INTENIUM GmbH)
PhotoTitle (HKLM-x32\...\{26AEC5D9-16FD-42DA-98FE-D771EAFA639C}) (Version: 3.1 - IV-Software)
Planescape - Torment (HKLM-x32\...\Planescape - Torment) (Version:  - )
POV-Ray for Windows v3.7 (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\POV-Ray for Windows v3.7) (Version: 3.7 - Persistence of Vision Raytracer Pty. Ltd.)
Power Manager Version 6.0.0.10 (HKLM\...\{F8EE377A-9FD7-49E9-BCE6-DD3EBEEFAA7A}_is1) (Version: 6.0.0.10 - Energenie)
Privateer (HKLM-x32\...\Privateer) (Version:  - )
Puzzle Quest 2 version 1.0 (HKLM-x32\...\{67D37AF1-EE19-43AE-B650-61BD56B06527}_is1) (Version: 1.0 - GamersGate)
Python 2.6 PIL-1.1.7 (HKLM\...\PIL-py2.6) (Version:  - )
Python 2.6.5 (64-bit) (HKLM\...\{4723f199-fa64-4233-8e6e-9fccc95a18ef}) (Version: 2.6.5150 - Python Software Foundation)
Qemu Manager 7.0 (HKLM-x32\...\Qemu Manager 7.0 - Qemu 0.11.1_is1) (Version:  - David T Reynolds)
Questpaket 4 Update 1 Deinstallation (HKLM-x32\...\G3QP231012008_is1) (Version: 4.1.0.0 - Humanforce)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 4.50 - Philipp Winterberg)
ReadWrite Chinese (Simplified) Version 1.4 (HKLM-x32\...\ReadWrite Chinese (Simplified)_is1) (Version: 1.4.2220 - Declan Software, Inc.)
Retter in der Not (HKLM-x32\...\Retter in der Not) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur (HKLM-x32\...\Ritter Arthur) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur II (HKLM-x32\...\Ritter Arthur II) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur III (HKLM-x32\...\Ritter Arthur III) (Version: 1.0.0.0 - INTENIUM GmbH)
Robin抯 Quest: Aufstieg einer Legende (HKLM-x32\...\Robin抯 Quest: Aufstieg einer Legende) (Version: 1.0.0.0 - INTENIUM GmbH)
Rodina (HKLM-x32\...\{6AEB2A96-A6F4-4146-83D1-6EBB3C86F2A9}) (Version: 1.1.4 - Elliptic Games)
RokuRadioSnooper v2.10.06 (HKLM-x32\...\Roku Radio Snooper_is1) (Version:  - DonationCoder.com)
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Room Arranger (HKLM-x32\...\Room Arranger) (Version: 7.1.2 - Jan Adamec)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Royal Trouble (HKLM-x32\...\Royal Trouble) (Version: 1.0.0.0 - INTENIUM GmbH)
Ruby 1.9.3-p448 (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p448 - RubyInstaller Team)
Ruby 2.1.6-p336-x64 (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\{2A5A5972-E912-49C4-9459-F05131507B6E}_is1) (Version: 2.1.6-p336 - RubyInstaller Team)
Sacra Terra: Nacht der Engel (HKLM-x32\...\Sacra Terra: Nacht der Engel) (Version: 1.0.0.0 - INTENIUM GmbH)
Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.64.0.0 - Deep Silver)
Safari Quest (HKLM-x32\...\Safari Quest) (Version: 1.0.0.0 - INTENIUM GmbH)
Samantha Swift 4 (HKLM-x32\...\Samantha Swift 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Sandman (HKLM-x32\...\Sandman) (Version: 1.0.0.0 - INTENIUM GmbH)
Sandra Fleming Chronicles ?Crystal Skulls (HKLM-x32\...\Sandra Fleming Chronicles ?Crystal Skulls) (Version: 1.0.0.0 - INTENIUM GmbH)
Sarah抯 Ranch 2 (HKLM-x32\...\Sarah抯 Ranch 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Scarlett Frost und das Theater des Schreckens (HKLM-x32\...\Scarlett Frost und das Theater des Schreckens) (Version: 1.0.0.0 - INTENIUM GmbH)
Schachmeister 2010 (HKLM-x32\...\{F5E48D53-0EA8-46A8-9457-93F893B330EF}) (Version: 1.0 - ChessBase)
Schachmeister 2010 (x32 Version: 1.0 - ChessBase) Hidden
Sch鋞ze der geheimnisvollen Insel: Das Geisterschiff (HKLM-x32\...\Sch鋞ze der geheimnisvollen Insel: Das Geisterschiff) (Version: 1.0.0.0 - INTENIUM GmbH)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 3.2 - Screaming Frog Ltd)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secunia PSI (3.0.0.2004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.2004 - Secunia)
Sengoku (HKLM-x32\...\{77CEF490-8C06-437D-A91A-725765DFE6E0}) (Version:  - )
Seven Seas Solitaire: Ein karibisches Abenteuer (HKLM-x32\...\Seven Seas Solitaire: Ein karibisches Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)
ShadowProtect Desktop (x32 Version: 4.10.8605 - StorageCraft) Hidden
Sherlock Holmes und der Hund der Baskervilles (HKLM-x32\...\Sherlock Holmes und der Hund der Baskervilles) (Version: 1.0.0.0 - INTENIUM GmbH)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Shroud of the Avatar (HKLM-x32\...\{E8334E02-EE1F-4DAF-960D-7AF5D8E829DF}) (Version: 0.1.0 - Portalarium)
Silent Scream: Die T?nzerin (HKLM-x32\...\Silent Scream: Die T?nzerin) (Version: 1.0.0.0 - INTENIUM GmbH)
Simplz:Zoo (HKLM-x32\...\Simplz:Zoo) (Version: 1.0.0.0 - INTENIUM GmbH)
Sins of a Solar Empire Demo (HKLM-x32\...\Sins of a Solar Empire Demo) (Version:  - Stardock Entertainment)
Sins of a Solar Empire Demo (x32 Version: 1.03.00 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire?: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
SiSoftware Sandra Lite 2012.SP4c (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.52.2012.6 - SiSoftware)
Smash Frenzy 4 (HKLM-x32\...\Smash Frenzy 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Snark Busters: Jetzt mit Vollgas (HKLM-x32\...\Snark Busters: Jetzt mit Vollgas) (Version: 1.0.0.0 - INTENIUM GmbH)
Solar 2 (HKLM-x32\...\{9A304435-E368-4F10-AB64-D6C1481D9AF9}) (Version: 1.1.0.0 - Murudai)
Solars Abenteuer (HKLM-x32\...\Solars Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)
Soluto (HKLM\...\{32F9DBC7-95D1-469F-B7A3-678948D6DA32}) (Version: 1.3.1140.0 - Soluto)
Sonoscope (remove only) (HKLM-x32\...\Sonoscope) (Version:  - )
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 4.5 - SourceTec Software Co., LTD)
Space Colony (HKLM-x32\...\{42C402C3-F95B-4BA2-BC90-99816AAF8159}) (Version:  - )
Space Empires V Demo (HKLM-x32\...\Space Empires V Demo_is1) (Version:  - )
SpaceChem (HKLM-x32\...\{5157A26D-28AF-4E96-99EE-25D510437653}_is1) (Version: 1007 - Zachtronics Industries)
SpaceChem Demo (HKLM-x32\...\{300D824F-DA86-4F08-B38C-3B204291AFE9}_is1) (Version: 1006 - Zachtronics Industries)
SpaceForce - Rogue Universe DEMO (HKLM-x32\...\SpaceForce - Rogue Universe DEMO1.0.0.0 DEMO) (Version: 1.0.0.0 DEMO - DreamCatcher)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.5.4 - Splashtop Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
Star Wolves (HKLM-x32\...\GOGPACKSTARWOLVES_is1) (Version: 2.0.0.3 - GOG.com)
Starpoint Gemini II (HKLM-x32\...\1207666123_is1) (Version: 2.0.0.1 - GOG.com)
Starsector by Fractal Softworks LLC (HKLM-x32\...\Starsector) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Super Nautica (HKLM-x32\...\Super Nautica) (Version: 1.0.0.0 - INTENIUM GmbH)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1040 - SUPERAntiSpyware.com)
Sword of the Stars Complete Collection (HKLM-x32\...\Sword of the Stars) (Version: 1.8.0 - Lighthouse Interactive)
SX Virtual Link (HKLM\...\SX Virtual Link) (Version: 3.9.1 - silex technology, Inc.)
SysMetrix 3.44 (HKLM-x32\...\SysMetrix) (Version: 3.44 - Xymantix)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tarot des Schicksals (HKLM-x32\...\Tarot des Schicksals) (Version: 1.0.0.0 - INTENIUM GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Terrafarmers (HKLM-x32\...\Terrafarmers) (Version: 1.0.0.0 - INTENIUM GmbH)
The Dark Mod version 2.0 (HKLM-x32\...\{FB724A53-4B16-4710-B694-D7C17DA6F603}_is1) (Version: 2.0 - The Dark Mod Team)
The Ur-Quan Masters 0.7.0 (HKLM-x32\...\The Ur-Quan Masters) (Version: 0.7.0 - )
The Void (HKLM-x32\...\The Void_is1) (Version:  - )
Thief Gold version 1.37 (HKLM-x32\...\{43DD5CB5-3CB7-44EC-8A7A-2F300BED7301}_is1) (Version: 1.37 - Square Enix)
TightVNC (HKLM\...\{8011A67E-2702-4A4E-867E-F491EF8A04B3}) (Version: 2.5.1.0 - GlavSoft LLC.)
TightVNC 2.0.2 (HKLM-x32\...\TightVNC) (Version: 2.0.2 - GlavSoft LLC.)
Tiny Tale: Ein Troll für alle F?lle (HKLM-x32\...\Tiny Tale: Ein Troll für alle F?lle) (Version: 1.0.0.0 - INTENIUM GmbH)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
TMPGEnc 4.0 XPress Testversion (HKLM-x32\...\{5F4B9958-F507-449A-A6E1-FD223314AF5A}) (Version: 4.7.8.309 - Pegasys Inc,)
TorchED (HKLM-x32\...\Runic Games TorchED) (Version: 1.0.68.226 - )
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.15 - JoWooD)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.1.1.1 - )
TortoiseSVN 1.8.5.25224 (64 bit) (HKLM\...\{57FCA88C-D94A-490A-B8C6-8ECC3A9A48D2}) (Version: 1.8.25224 - TortoiseSVN)
Tr?ume des Orients (HKLM-x32\...\Tr?ume des Orients) (Version: 1.0.0.0 - INTENIUM GmbH)
Tropico 3: Absolute Power (HKLM-x32\...\Tropico3) (Version: 2.01 - Kalypso Media)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.3a - TrueCrypt Foundation)
TSDoctor (HKLM-x32\...\{0272D74B-3630-48B1-A2A6-90B68DE6CE1E}) (Version: 1.0.75 - Cypheros)
Tulula: Die Legende des Vulkans (HKLM-x32\...\Tulula: Die Legende des Vulkans) (Version: 1.0.0.0 - INTENIUM GmbH)
Two Worlds (HKLM-x32\...\Two Worlds) (Version: 1.7.0.0 - Reality Pump)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.0.0 - )
Two Worlds II Castle Defense (HKLM-x32\...\Two Worlds II Castle Defense) (Version: 1.0.0 - )
Tyre (HKLM\...\Tyre_is1) (Version: 6.4.1.4 - 't Schrijverke)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.4.1.4 - 't Schrijverke)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultima 4 - Quest of the Avatar (HKLM-x32\...\GOGPACKULTIMA4FREE_is1) (Version: 2.0.0.19 - GOG.com)
UltraSearch V1.6.1 (HKLM-x32\...\UltraSearch_is1) (Version: 1.6.1 - JAM Software)
Uninstall trueSpace7.61 Beta 8 (HKLM-x32\...\Caligari trueSpace7.61 Beta 8_is1) (Version: 7.6 - Caligari Corp.)
Update 1.0.0.1 for "King’s Bounty Crossworlds" (HKLM-x32\...\{8BC85EE5-F169-482D-B818-117CD77E2093}_update1.0.0.1) (Version: 1.0.0.1 - )
URL Snooper v2.30.01 (HKLM-x32\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Venetica (HKLM-x32\...\Venetica_is1) (Version:  - dtp)
Verschleierte Wirklichkeit (HKLM-x32\...\Verschleierte Wirklichkeit) (Version: 1.0.0.0 - INTENIUM GmbH)
Virtual City (HKLM-x32\...\Virtual City) (Version: 1.0.0.0 - INTENIUM GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VisiPics V1.30 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Zip Password Recovery Processor (HKLM-x32\...\Visual Zip Password Recovery Processor) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Virtual Disk Development Kit (HKLM-x32\...\{547EB317-F9FC-4571-B66A-83B3C9D6A2C8}) (Version: 5.1.1.1042608 - VMware, Inc.)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
WebLog Expert Lite 8.4 (HKLM-x32\...\WebLog Expert Lite_is1) (Version: 8.4 - Alentum Software Ltd.)
Websecurify 0.7 (HKLM-x32\...\Websecurify_is1) (Version:  - )
Wenlin 3.4.1 (HKLM-x32\...\Wenlin_is1) (Version: 3.4.1 - Wenlin Institute, Inc.)
Wenlin 4.2.2 (HKLM-x32\...\Wenlin4_is1) (Version: 4.2.2 - Wenlin Institute, Inc. SPC)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\WinDirStat) (Version:  - )
Windows 7 Codec Pack 4.1.1 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.1 - Windows 7 Codec Pack)
Windows Driver Package - ACER Incorporated (qcusbser) Modem  (10/12/2009 2.0.6.6) (HKLM\...\BF39BAA13199B9BFDFC03B6C26851E9F3246C6A2) (Version: 10/12/2009 2.0.6.6 - ACER Incorporated)
Windows Driver Package - ACER Incorporated (qcusbser) Ports  (10/12/2009 2.0.6.6) (HKLM\...\5F3015F0AD4F9F61F4D01EAE1AF322C1A901C27C) (Version: 10/12/2009 2.0.6.6 - ACER Incorporated)
Windows Driver Package - ACER, Inc (androidusb) USB  (10/12/2009 1.0.0010.00000) (HKLM\...\A61AC676A7F61C423134B0621CBA2D4134507A2D) (Version: 10/12/2009 1.0.0010.00000 - ACER, Inc)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version:  - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinMount Free Edition, V3.4.0831 (HKLM\...\WinMount Free Edition_is1) (Version: 3.4.0831 - WinMount)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
WinUtilities Undelete 3.1 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043A06}_is1) (Version:  - YL Computing, Inc)
Wireshark 1.8.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.4 - The Wireshark developer community, hxxp://www.wireshark.org)
WordFile Creator Pro (Chinese) 1.3 (HKLM-x32\...\WordFile Creator Pro (Chinese)_is1) (Version: 1.3.1303 - Declan Software, Inc.)
World Mosaics 5 (HKLM-x32\...\World Mosaics 5) (Version: 1.0.0.0 - INTENIUM GmbH)
World Mosaics 6: Die geheimnisvolle Sanduhr (HKLM-x32\...\World Mosaics 6: Die geheimnisvolle Sanduhr) (Version: 1.0.0.0 - INTENIUM GmbH)
World Riddles: Animals (HKLM-x32\...\World Riddles: Animals) (Version: 1.0.0.0 - INTENIUM GmbH)
World Riddles: Secrets of the Ages (HKLM-x32\...\World Riddles: Secrets of the Ages) (Version: 1.0.0.0 - INTENIUM GmbH)
wxLauncher (HKLM-x32\...\wxLauncher) (Version: 0.9.4 - wxLauncher Team)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
X3 Reunion v2.5 (HKLM-x32\...\X3Reunion_is1) (Version:  - EGOSOFT)
X3 Terran Conflict v3.1 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version:  - )
XBMC (HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\XBMC) (Version:  - Team XBMC)
X-Com Apocalypse (HKLM-x32\...\{196BDDB7-8498-4C00-A73F-5D1B5717C7A8}_is1) (Version:  - GamersGate)
X-Com Enforcer (HKLM-x32\...\{9690B5DD-E1AE-4C35-87EB-A0AB939F2D26}_is1) (Version:  - GamersGate)
X-Com Interceptor (HKLM-x32\...\{D0CF6A7C-2367-40CF-A930-8B6E0A6CD4DE}_is1) (Version:  - GamersGate)
X-Com Terror from the Deep (HKLM-x32\...\{B92A9350-7D46-4DDD-B164-3DB892FA5FB7}_is1) (Version:  - GamersGate)
X-Com UFO Defence (HKLM-x32\...\{94F4BFB2-925F-4B20-AC88-343C556E1603}_is1) (Version:  - GamersGate)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Yeti Quest: Pinguine im Einsatz (HKLM-x32\...\Yeti Quest: Pinguine im Einsatz) (Version: 1.0.0.0 - INTENIUM GmbH)
Youda Mystery: Das Stanwick-Erbe (HKLM-x32\...\Youda Mystery: Das Stanwick-Erbe) (Version: 1.0.0.0 - INTENIUM GmbH)
Youda Safari (HKLM-x32\...\Youda Safari) (Version: 1.0.0.0 - INTENIUM GmbH)
Youda Survivor 2 (HKLM-x32\...\Youda Survivor 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Zeit der Abenteuer: Der Held in dir (HKLM-x32\...\Zeit der Abenteuer: Der Held in dir) (Version: 1.0.0.0 - INTENIUM GmbH)
Zepter des Ra (Vollversion) (HKLM-x32\...\Zepter des Ra (Vollversion)) (Version: 1.0.0.0 - INTENIUM GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{42DAE51D-C239-4F1C-9EDB-AA2E56AEB2DF}\InprocServer32 -> C:\Users\volker\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Uploader8_x64.ocx (Aurigma)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{49C9FECC-02EE-49D9-8171-F548577E7ACD}\InprocServer32 -> C:\Users\volker\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Uploader8_x64.ocx (Aurigma)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{64158948-3A52-4AF2-95CD-78A8B663014E}\InprocServer32 -> C:\Users\volker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\AGWWeatherMetar[1].gadget\AGWWeatherMetar.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{A50CBD94-7618-4116-892A-648CD02E4E57}\InprocServer32 -> C:\Users\volker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\minibrowser072[1].gadget\MB64.ocx (Eduardo Mancero)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\volker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C13D5E6-5634-4D5F-832B-77D88484F9B9} - System32\Tasks\Microsoft\MaxBuddy => C:\Games\MaxBuddy916\MAX!Buddy.exe
Task: {1CE7346B-EFDF-4BD6-8E38-D212A3A48C3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {20A68D88-E1C1-418D-8B86-70D6FF785584} - System32\Tasks\{B4C6FE10-E204-42AE-852F-158912D45D47} => pcalua.exe -a E:\Games\GALCIV~1\UNWISE.EXE -c E:\Games\GALCIV~1\INSTALL.LOG
Task: {3794C501-F288-4AC9-9F43-1CA82823D102} - System32\Tasks\Music SoundBridge => S:\_AudioServer\004_music.bat [2013-05-01] ()
Task: {390205E9-132C-41A5-863A-AFF0B80BBDFD} - System32\Tasks\{B50E333F-47FB-4027-B5D6-718CCB495E8F} => pcalua.exe -a Z:\Nici\Nici.exe -d C:\Users\volker\Desktop\Diverses\FOR_Z
Task: {3ADBCFBE-28C1-423E-B15D-B98C61619E1E} - System32\Tasks\UbuntuStart
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5CD5083C-A9E7-4C3D-AA3E-7D17C3741DE3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001UA => C:\Users\volker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {6535FD57-1ECF-45A2-8F59-3613820454E1} - System32\Tasks\{737AF542-B8BA-4090-800C-989C6E68A790} => E:\Games\DungeonSiege2\DungeonSiege2.exe
Task: {7B55D18E-47CD-47AF-8375-8140092BCB82} - System32\Tasks\{0CB2EBD9-FE9B-4AB6-B843-7C770FF3A296} => C:\tmp\nvidia-island-demo-installer.exe
Task: {82F08E50-F69B-4A67-8C51-5B1A45DED64D} - System32\Tasks\Macrium-Backup-{E55A40A9-5BB6-4F15-B40E-46AAECC47709} => E:\Games\Reflect\reflect.exe
Task: {965C4BC1-7AB2-480A-A9DF-82F00232FDDB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001Core => C:\Users\volker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {A3814213-58F2-4E45-B004-FFF53350EB6D} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-08-19] (Oracle Corporation)
Task: {A89E7FA1-31E5-4D4D-8446-E1A66FCFA39E} - System32\Tasks\Macrium-Backup-{2FA4F3E8-ED06-4C68-BAAE-30F88E43ED56} => E:\Games\Reflect\reflect.exe
Task: {AC60A694-4E71-43CC-9155-F4EB7436B628} - System32\Tasks\{50764391-5DA4-45B5-8EDE-95B6E5E6B8DB} => E:\Games\SteamLibrary\steamapps\common\Dungeon Siege 1\DungeonSiege.exe
Task: {AC7A1580-19F3-44C7-AFF7-E568C79970B7} - System32\Tasks\{74849240-7A21-49BD-A4BC-48DFEF818A45} => pcalua.exe -a C:\tmp\nvidia-island-demo-installer.exe -d C:\tmp
Task: {B1DB28BF-AEDC-4ED9-8D3B-FD03F75CCF89} - System32\Tasks\{E880B556-4282-417E-AD49-8A984294C33A} => E:\Games\SteamLibrary\steamapps\common\Dungeon Siege 1\DungeonSiege.exe
Task: {BFCD94C6-FBD7-44B8-84AC-C312FD03C65A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {C8695462-7077-4236-B869-2A06F6987450} - System32\Tasks\{04E39708-EF8E-41E0-9779-70B117936ED8} => C:\tmp\nvidia-island-demo-installer.exe
Task: {CB004093-78E8-4B59-B910-8334E606A62D} - System32\Tasks\Microsoft\TemperatureLogging => C:\Games\wget\bin\runme.bat [2012-12-26] ()
Task: {D1D23242-DB2B-41B6-81F0-14E3A1604A02} - System32\Tasks\{02014CFB-29FC-4BE4-B958-CEE6853B3917} => E:\0TEMP\dfdfdf\Setup_HMCFG.exe
Task: {DAA4BCA6-6B61-497C-B719-1603D5C832A0} - System32\Tasks\{1EAB14B8-4233-424C-954A-7A792F156604} => pcalua.exe -a "C:\Users\volker\Downloads\Firefox Setup 3.5.5.exe" -d C:\Users\volker\Desktop
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E0B7605C-3EC1-4A9E-8314-BEB57304C64A} - System32\Tasks\{1BF56495-CAB9-4A1F-861A-358A64671369} => pcalua.exe -a C:\tmp\vdk\VMware-mount-5.5.0-18463.exe -d C:\tmp\vdk
Task: {E1FC3BC9-08AF-4F79-94AF-C80F790CC12F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EE1EFA95-1058-4F3E-A4DD-74366AD09D1A} - System32\Tasks\{4CAD5F19-AB8D-4FC6-B677-89E70A92B00B} => E:\Games\ChildrenOfTheNile\CotN.exe
Task: {F3F05CB1-4A2F-4ED9-860E-6609803DA15F} - System32\Tasks\ProcessExplorer => /t

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001Core.job => C:\Users\volker\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245305492-3031918622-1259896419-1001UA.job => C:\Users\volker\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Macrium-Backup-{2FA4F3E8-ED06-4C68-BAAE-30F88E43ED56}.job => E:\Games\Reflect\reflect.exeY-e -w S:\Backups\__MeinPC\MyBackup.xml
Task: C:\Windows\Tasks\Macrium-Backup-{E55A40A9-5BB6-4F15-B40E-46AAECC47709}.job => E:\Games\Reflect\reflect.exeX-e -w S:\Backups\__MeinPC\MyBackup.xml

==================== Verknüpfungen =============================

(Die Eintr?ge k?nnen gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\volker\Downloads\00_putty\ClickMe_Videos_RunasAdministrator.bat.lnk -> C:\Users\volker\Downloads\00_putty\Videos_RunasAdministrator.bat ()
Shortcut: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.6-p336-x64\Interactive Ruby.lnk -> C:\Games\RoR\Ruby21-x64\bin\irb.bat ()
Shortcut: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 1.9.3-p194\Interactive Ruby.lnk -> C:\Volker\Heroku\ruby-1.9.2\bin\irb.bat ()

ShortcutWithArgument: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.6-p336-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Games\RoR\Ruby21-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 1.9.3-p194\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Volker\Heroku\ruby-1.9.2\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\volker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Games\nodejs\nodevars.bat"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-05-28 10:18 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2012-05-28 10:18 - 2006-02-22 09:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2012-03-04 10:53 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-09-18 16:53 - 2015-09-18 16:53 - 13067264 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2016-01-12 19:26 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-04-20 20:11 - 2012-04-25 17:56 - 00129550 _____ () C:\Games\cygwin\bin\cygrunsrv.exe
2013-04-20 20:11 - 2013-04-02 15:40 - 00465437 _____ () C:\Games\cygwin\usr\sbin\sshd.exe
2014-02-18 21:16 - 2014-02-18 21:16 - 00076016 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-02-18 21:16 - 2014-02-18 21:16 - 00088816 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-04-20 20:11 - 2011-10-26 05:26 - 00008206 _____ () C:\Games\cygwin\bin\cygssp-0.dll
2013-04-20 20:11 - 2012-05-07 12:18 - 00007182 _____ () C:\Games\cygwin\bin\cygcrypt-0.dll
2013-04-20 20:11 - 2012-05-13 05:15 - 00072718 _____ () C:\Games\cygwin\bin\cygz.dll
2013-04-20 20:11 - 2011-10-26 05:26 - 00080910 _____ () C:\Games\cygwin\bin\cyggcc_s-1.dll
2013-04-20 20:11 - 2013-01-01 09:33 - 00183837 _____ () C:\Games\cygwin\bin\cyggssapi-3.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00020509 _____ () C:\Games\cygwin\bin\cygheimntlm-0.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00381469 _____ () C:\Games\cygwin\bin\cygkrb5-26.dll
2013-04-20 20:11 - 2013-01-01 09:33 - 00459293 _____ () C:\Games\cygwin\bin\cygasn1-8.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00052253 _____ () C:\Games\cygwin\bin\cygroken-18.dll
2013-04-20 20:11 - 2013-03-11 03:10 - 00009757 _____ () C:\Games\cygwin\bin\cygcom_err-2.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00160797 _____ () C:\Games\cygwin\bin\cygwind-0.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00216093 _____ () C:\Games\cygwin\bin\cyghx509-5.dll
2013-04-20 20:11 - 2013-04-16 18:19 - 00597021 _____ () C:\Games\cygwin\bin\cygsqlite3-0.dll
2013-04-20 20:11 - 2013-01-01 09:33 - 00010781 _____ () C:\Games\cygwin\bin\cygheimbase-1.dll
2013-04-20 20:11 - 2013-01-01 09:34 - 00021021 _____ () C:\Games\cygwin\bin\cygkafs-0.dll
2013-04-20 20:11 - 2010-03-28 10:02 - 00028174 _____ () C:\Games\cygwin\bin\cygwrap-0.dll
2010-06-10 16:34 - 2010-06-10 16:34 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2009-12-28 02:32 - 2009-12-28 02:32 - 00180224 _____ () C:\Program Files (x86)\Notepad++\plugins\LightExplorer.dll
2014-02-18 20:32 - 2014-02-18 20:32 - 00065776 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-02-18 20:32 - 2014-02-18 20:32 - 00071920 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2011-07-18 22:07 - 2011-07-18 22:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-01-26 01:47 - 2015-01-26 01:47 - 02748416 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2008-11-11 18:48 - 2008-11-11 18:48 - 00074240 _____ () C:\Program Files (x86)\Notepad++\plugins\NppNetNote.dll
2007-08-05 02:10 - 2007-08-05 02:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
2015-06-23 12:09 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\volker:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:408F95E5
AlternateDataStreams: C:\ProgramData\TEMP:618D0840
AlternateDataStreams: C:\ProgramData\TEMP:CA23F7C8
AlternateDataStreams: C:\ProgramData\TEMP:CC345777
AlternateDataStreams: C:\ProgramData\TEMP:E590E5B2
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\volker\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\volker\Cookies:gs5sys
AlternateDataStreams: C:\Users\volker\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\volker\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\volker\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\volker\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\volker\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\volker\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\volker\Documents\desktop.ini:gs5sys

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschr?nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\pps.tv -> hxxp://pps.tv
IE trusted site: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\ppstream.com -> hxxp://ppstream.com
IE trusted site: HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\...\webscache.com -> hxxp://webscache.com

==================== Hosts Inhalt: ==========================

(Wenn ben?tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-11-01 23:19 - 00001094 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.178.1   fritz.box
192.168.178.20 volker-pc
192.168.178.21 liese-pc
192.168.178.24 mybooklive
192.168.178.29 radio-roku
192.168.178.30 max-cube
192.168.178.45 TL-801N
192.168.178.49 powermanager
192.168.178.220 linksys-WRT54GL
127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2245305492-3031918622-1259896419-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\volker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Eintr?ge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^volker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PPS.lnk => C:\Windows\pss\PPS.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: aiko => C:\Users\volker\AppData\Roaming\SexGameDevil\aiko.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\volker\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Alamandi tray notifier => E:\Games\DeutschlandSpielt\Alamandi\TaskBarNotifier.exe
MSCONFIG\startupreg: ApacheTomcatMonitor7.0_Tomcat7 => "C:\Games\Tomcat7.0\bin\Tomcat7w.exe" //MS//Tomcat7
MSCONFIG\startupreg: AutoRunnerU => C:\Program Files (x86)\AutoRunnerU\arusrv.exe /run
MSCONFIG\startupreg: AutoRunnerX => C:\Program Files (x86)\AutoRunnerX\arxsrv.exe /run
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Energenie Power Manager => "C:\Games\PowerManager\pm.exe" -winstartup
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin
MSCONFIG\startupreg: hola => C:\Program Files\Hola\app\hola.exe --tray --autorun
MSCONFIG\startupreg: Langenscheidt 7 => "E:\Games\Langenscheidt7\Langenscheidt.exe" -autorun
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\volker\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PPS Accelerator => C:\Games\PPStream\ppsap.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SGD aiko => C:\Users\volker\AppData\Roaming\SexGameDevil\aiko.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spiele Post => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
MSCONFIG\startupreg: uTorrent => "C:\Users\volker\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Web Video Downloader => "C:\Program Files (x86)\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AB81E670-717C-402B-9322-6016D8F7A323}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{A0C82A65-1434-404D-9B0E-37E74E974ED2}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{93B0EF71-6D30-4996-BF71-E2829260360A}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{837037CD-82B3-447C-95E1-86F285769915}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{DF03AD0E-F42C-44D6-9692-A4F32705D886}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{ECF3AFE2-1232-442F-8B38-9833660D5CDD}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{09494495-256D-40CE-9060-B03BF869AD63}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{145D3B0E-C142-4F9E-A85C-69B945C032B0}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{0D62901E-F458-4FDF-AD29-00F4EA6075CB}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{D3822466-83BB-489F-B32E-3C136A731330}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{742DE436-11B3-4695-928B-BA9570836BB5}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{0473AC0E-9AD1-455E-99AF-A104A7E94EB2}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{48A51907-0664-44B4-8F7D-E5B6F053B8A5}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2server.exe
FirewallRules: [{48CB5436-2A42-4E82-A989-45ECECAEB931}] => (Allow) C:\Program Files (x86)\Neverwinter Nights 2\nwn2server.exe
FirewallRules: [{F50E1FFF-D330-41BF-99B0-DFDEF54C7878}] => (Allow) E:\Games\Sacred 2 - Gold\system\s2gs.exe
FirewallRules: [{73CD8E8C-3A36-48FE-9746-45C4F4968CD6}] => (Allow) E:\Games\Sacred 2 - Gold\system\s2gs.exe
FirewallRules: [{CD81B67E-8D71-4B9B-89BE-505E6CAC4C14}] => (Allow) E:\Games\Sacred 2 - Gold\system\sacred2.exe
FirewallRules: [{B480DF8A-07A9-4372-A719-0D1C7A19D990}] => (Allow) E:\Games\Sacred 2 - Gold\system\sacred2.exe
FirewallRules: [{4E877D3D-7986-4959-A0FD-48868BF49E90}] => (Allow) E:\Games\Lost\Lost Via Domus\Yeti_Final_Win32.exe
FirewallRules: [{75B65EE9-E717-41AB-AA4C-8B59F2F1DA4C}] => (Allow) E:\Games\Lost\Lost Via Domus\Yeti_Final_Win32.exe
FirewallRules: [{7F81F5B1-7196-4C90-ACCB-6D21723B23AF}] => (Allow) E:\Games\Lost\Lost Via Domus\gu.exe
FirewallRules: [{48B53744-9D6B-4152-8EB4-2820A5B23396}] => (Allow) E:\Games\Lost\Lost Via Domus\gu.exe
FirewallRules: [{5D44C239-5A5F-42D6-AA01-DA0FFC4A9C6D}] => (Allow) E:\Games\Lost\Lost Via Domus\detection\Launcher.exe
FirewallRules: [{0D896512-9401-41C6-8479-3270244741C1}] => (Allow) E:\Games\Lost\Lost Via Domus\detection\Launcher.exe
FirewallRules: [{7B9526A6-2485-4F41-B17C-E3E9B6655F30}] => (Allow) C:\Program Files (x86)\PPStream\PPStream.exe
FirewallRules: [{235E8565-B52F-4DB8-83E5-FCEBA13864A7}] => (Allow) C:\Program Files (x86)\PPStream\PPStream.exe
FirewallRules: [{27AEF509-EE8F-4EB8-A41C-03CE895FA65F}] => (Allow) C:\Program Files (x86)\PPStream\PPSAP.exe
FirewallRules: [{F2F4564B-DC52-4F93-99A1-6C57AAA1E870}] => (Allow) C:\Program Files (x86)\PPStream\PPSAP.exe
FirewallRules: [{D6B6053F-CE52-4CCF-888F-EE709D92992E}] => (Allow) C:\Program Files (x86)\TightVNC\tvnserver.exe
FirewallRules: [{E8234C92-B85C-4C66-87E6-EA3A30F627DE}] => (Allow) C:\Program Files (x86)\TightVNC\tvnserver.exe
FirewallRules: [{1F5A83FA-F285-4B1E-8C33-6F1C805F7FB4}] => (Allow) C:\Program Files (x86)\TightVNC\vncviewer.exe
FirewallRules: [{CE2C35B6-53DF-403C-B368-4A35FE296A30}] => (Allow) C:\Program Files (x86)\TightVNC\vncviewer.exe
FirewallRules: [{8FEDA75E-7EA0-441C-A191-2656C0D7E523}] => (Allow) E:\Games\Anno1404\Anno4.exe
FirewallRules: [{BBF49643-71F7-4332-B5AC-FE65EBBFB593}] => (Allow) E:\Games\Anno1404\Anno4.exe
FirewallRules: [{3CC7E587-44BD-4BFB-A63F-04FE661AAAEA}] => (Allow) E:\Games\Anno1404\tools\Anno4Web.exe
FirewallRules: [{436B32E8-7286-40D9-819F-D025CF8188AE}] => (Allow) E:\Games\Anno1404\tools\Anno4Web.exe
FirewallRules: [{3A80E85D-8F84-4098-B872-C1AA57FB0D91}] => (Allow) C:\Games\PPStream\PPStream.exe
FirewallRules: [{FA443FE8-8D7E-4E27-A4C4-3C0615DBED0C}] => (Allow) C:\Games\PPStream\PPStream.exe
FirewallRules: [{0E5C363D-B07A-4F8E-A7D9-9C57B87E0784}] => (Allow) C:\Games\PPStream\PPSAP.exe
FirewallRules: [{FC6E84EA-94B5-4164-9230-F0A69F1CDA94}] => (Allow) C:\Games\PPStream\PPSAP.exe
FirewallRules: [{6F9660A1-4B44-433D-89B5-F796EA92FCA6}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{39655184-FA0E-4539-87C8-B4A3518765DD}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{E32EFFF3-90F4-4B30-9DEF-524B9A2B0CE7}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\BlackProphecy.exe
FirewallRules: [{A3CDE9AB-24A0-4560-8C83-68CFF5086DEE}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\BlackProphecy.exe
FirewallRules: [{02163E17-5771-4C20-9DC5-A97D716BCD39}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\BlackProphecy.exe
FirewallRules: [{FB6137E9-0BC5-4B11-8C5B-CA646BBBDEA6}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\BlackProphecy.exe
FirewallRules: [{BAD76533-8215-445E-AD77-CC53B8790152}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Launcher.exe
FirewallRules: [{36460979-36A0-4D91-BFA8-0CBB0EC2ACF5}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Launcher.exe
FirewallRules: [{AEA46621-0A38-4607-AB00-F17FD218BCD0}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Launcher.exe
FirewallRules: [{85773924-8B13-4320-9167-0DA9D58459BC}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Launcher.exe
FirewallRules: [{C3D268F5-3931-4E60-AB11-A19EC3751E22}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Patcher.exe
FirewallRules: [{18BD4718-37A8-4459-AF93-AE359CA014F2}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Patcher.exe
FirewallRules: [{607F1BE9-C236-4F46-AAA0-83837301A8BA}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Patcher.exe
FirewallRules: [{F5713243-FA2F-418C-B71A-DED24B7B8949}] => (Allow) E:\Games\Black Prophecy\BIN\WIN32\Patcher.exe
FirewallRules: [{19B3B989-6D2C-4746-8721-6AF60AE10584}] => (Allow) C:\Users\volker\Downloads\solutoinstaller.exe
FirewallRules: [{C63DF2F6-25BF-46DA-9D1A-698B6D247A4A}] => (Allow) C:\Users\volker\Downloads\solutoinstaller.exe
FirewallRules: [{AA77B111-7AB4-438A-9CE7-05E6C9A39191}] => (Allow) C:\Games\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe
FirewallRules: [{FCEE9437-B546-48C2-B615-70A4E9416F39}] => (Allow) E:\Games\TwoWorlds\TwoWorlds.exe
FirewallRules: [{82586C47-8F05-4A07-80E8-363BAB61EF76}] => (Allow) E:\Games\TwoWorlds\TwoWorlds.exe
FirewallRules: [{46263085-D02C-4032-A6EA-D9804CEC3B8F}] => (Allow) E:\Games\TwoWorlds\TwoWorlds_RADEON.exe
FirewallRules: [{20B8F05D-4629-421F-B56F-303D2844AD39}] => (Allow) E:\Games\TwoWorlds\TwoWorlds_RADEON.exe
FirewallRules: [{C345463D-51AE-4171-9CAF-A3EA69629C4F}] => (Allow) LPort=62910
FirewallRules: [{E3C3543E-B8DF-4BAA-ACEE-0D07816EB1F2}] => (Allow) LPort=23272
FirewallRules: [{970CB63C-763B-472C-B9FA-94D107389A55}] => (Allow) LPort=23272
FirewallRules: [{BB5AD949-170B-45F1-885D-2FEB247C895F}] => (Allow) LPort=62910
FirewallRules: [{6EBE20E5-AE06-4DF3-AFAB-1290D2866639}] => (Allow) E:\Games\Torchlight2\tl2.runic.launcher.exe
FirewallRules: [{269888C9-0093-4BE9-B1E4-110F74CCAFD9}] => (Allow) E:\Games\Torchlight2\tl2.runic.launcher.exe
FirewallRules: [{750DD8DE-3265-4ABB-A4A0-9C05A023DD16}] => (Allow) E:\Games\Torchlight2\Torchlight2.exe
FirewallRules: [{8DCF4A05-93B8-4A9D-B03A-4BFF3F8BE9CC}] => (Allow) E:\Games\Torchlight2\Torchlight2.exe
FirewallRules: [{85D46B2D-7839-4107-A5AD-5D4CFD17E7CE}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{E0F67C67-3A23-4232-9484-7631F9E1442D}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{B9392D67-CE17-4BB2-9971-7050C1881856}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{FCE3BCA1-95EB-4B6A-B264-A8B189EDA6AC}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{FE3CD19D-67D2-43C2-B5EC-27AA8E496000}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{AC4C3C30-AB74-493A-99BA-85F96877081E}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{32A93164-DACD-459B-B914-B861720F0D76}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{9BF19BB9-3616-486B-8634-E3D7BB7C33B1}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{128CC1C0-0828-418B-B9B9-7D025EB03ADC}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{8919BA09-A817-4784-BFB7-CC19E7CE7492}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{C059A893-3621-494E-A6FF-976DC5C2182F}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{3B56192F-3D9B-4504-8AF9-4C55287A031E}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{595139B5-51FA-474D-A3F4-DAB71F5D05BF}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{46374BAF-79B6-4BC0-B6FB-A642BD27AE54}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{327D1EF5-CD0E-43E0-9170-CD7E48908CD1}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{0103E268-5BF5-498E-9A10-B90E0DCFE551}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{4395EE1C-795A-45F3-87D6-C5A876B12611}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{34A34815-B8A0-4626-A6BE-40185070BCB9}] => (Allow) C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe
FirewallRules: [{84CA914D-2D09-409F-A9C8-86B39D21318C}] => (Allow) C:\Games\Fiddler2\Fiddler.exe
FirewallRules: [{95D49544-1F95-457E-AAEE-77E47AB19404}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{23302C41-7151-4082-AE35-31A14CC7E0E3}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{2439A7CC-5BF3-4CF5-941C-A9E4B62DBA44}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{50874DDF-5573-4A56-8268-EC05C7E93853}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{6AC1A263-2AFC-430B-948D-DAE0EBD67ED5}] => (Allow) E:\Games\TwoWorldsII\TwoWorlds2.exe
FirewallRules: [{41521075-EF96-4F99-87A1-AB16DC05D381}] => (Allow) E:\Games\TwoWorldsII\TwoWorlds2.exe
FirewallRules: [{727B18DD-FE06-49B8-81EF-C1D2A705F058}] => (Allow) E:\Games\TwoWorldsII\TwoWorlds2_DX10.exe
FirewallRules: [{5F657F55-69B4-4AFD-9825-0FCB265450F7}] => (Allow) E:\Games\TwoWorldsII\TwoWorlds2_DX10.exe
FirewallRules: [{31C0D24D-86AD-4A3A-ACC1-FB9B29041356}] => (Allow) E:\Games\TwoWorldsIICastleDefense\TW2CD.exe
FirewallRules: [{C119D2B3-AB91-4075-83C3-727C855546ED}] => (Allow) E:\Games\TwoWorldsIICastleDefense\TW2CD.exe
FirewallRules: [{ED766DC7-E9CF-4E10-BB6F-2180FD7C05D1}] => (Allow) C:\Users\volker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FC7DF55-1076-4478-B090-5367D0243B38}] => (Allow) C:\Users\volker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4E16859C-2157-4E01-BD1E-BF714F2E38B3}] => (Allow) C:\Users\volker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B1D61959-E42B-4823-B282-3F22F421E9CD}] => (Allow) C:\Users\volker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{99D3E199-22D3-49C1-B7D7-D6E9E1B47B17}] => (Allow) C:\Games\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{B068FF23-BC0A-46F5-B8AA-74A53E5A682F}] => (Allow) E:\Games\Sins_of_a_Solar_Empire_Demo\Sins of a Solar Empire.exe
FirewallRules: [{10803394-DF59-42D0-8E16-FA469A7A163B}] => (Allow) E:\Games\Sins_of_a_Solar_Empire_Demo\Sins of a Solar Empire.exe
FirewallRules: [{5A553020-897C-4F1F-9CFC-430E0FAAC443}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9EC518FB-82EA-4898-BFA8-56A5B2879759}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7A497337-22A6-491F-BDC3-5532614AFAAA}] => (Allow) C:\Games\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{BB10DE63-C26B-4B73-ABE3-848F36F37EDC}] => (Allow) C:\Program Files\silex technology\SX Virtual Link\Connect.exe
FirewallRules: [{4562AE84-4915-489D-A59E-8738663FD355}] => (Allow) LPort=19540
FirewallRules: [{F431304D-D76D-4EC4-B83E-CD86A7DDB773}] => (Allow) C:\Program Files (x86)\BidCoS Service\lanif_config.exe
FirewallRules: [{04555250-B483-47B6-863D-E8F7F5AE5861}] => (Allow) C:\Program Files (x86)\BidCoS Service\lanif_config.exe
FirewallRules: [{090E658D-60A5-4BD5-8B09-5C4AFEA3237F}] => (Allow) C:\Program Files (x86)\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{B66B0819-032B-4206-9683-30FFB278B25E}] => (Allow) C:\Program Files (x86)\BidCoS Service\lanif_config_gui.exe
FirewallRules: [{9FBD4B2A-CB9E-4F53-AB00-C8CDFEA3E9C4}] => (Allow) C:\Program Files (x86)\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{4DC61C1C-8690-4C70-BA0C-3EE8EDCAC04F}] => (Allow) C:\Program Files (x86)\HomeMatic Config\tclsh85t.exe
FirewallRules: [{60D3E41E-51C3-4E84-AF88-E1E67AFAD9CD}] => (Allow) C:\Program Files (x86)\HomeMatic Config\hm_config.exe
FirewallRules: [{C403AC82-88DC-4669-A564-92F9B274A5B8}] => (Allow) C:\Program Files (x86)\HomeMatic Config\lanif_config_gui.exe
FirewallRules: [{BCD4D8A7-54BD-418F-990C-116B6960486C}] => (Allow) C:\Program Files (x86)\HomeMatic Config\hm_config.exe
FirewallRules: [{2F3E68D9-1A9E-44F3-AA9E-83E39F9421F2}] => (Allow) C:\Program Files (x86)\HomeMatic Config\rfd.exe
FirewallRules: [{44C81D48-4AA3-4F0F-BC32-F5655B9A6436}] => (Allow) C:\Program Files (x86)\HomeMatic Config\rfd.exe
FirewallRules: [{955D88BF-B0C1-42D4-94E5-1768A5F9383F}] => (Allow) C:\Program Files (x86)\HomeMatic Config\tclsh85t.exe
FirewallRules: [{DF77E066-0AB9-4BC6-B3C8-DD26A16726FB}] => (Allow) C:\Users\volker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF5C0324-1F47-4021-BEE5-9D109619E036}] => (Allow) C:\Users\volker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2E5FFD82-5943-440C-929E-9A2F6D66B4B6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{037AEDFF-71B0-4BE7-A141-EC4A5D097341}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2AC4377D-A8BC-4737-A646-C473C1AA6A83}] => (Allow) E:\Games\ANNO2070\Anno5.exe
FirewallRules: [{FD896A4A-9248-4B41-83E2-DBF182A319B8}] => (Allow) E:\Games\ANNO2070\Anno5.exe
FirewallRules: [{5CFFDF2E-BFB3-4B1E-AC5A-96D83DC3A8A7}] => (Allow) E:\Games\ANNO2070\AutoPatcher.exe
FirewallRules: [{26E6F110-2390-45B7-B6DF-9652DDDD8370}] => (Allow) E:\Games\ANNO2070\AutoPatcher.exe
FirewallRules: [{3626D018-A08D-4D04-AB6B-5DD2F19644B2}] => (Allow) E:\Games\ANNO2070\InitEngine.exe
FirewallRules: [{04159031-C597-40DE-8492-4310046B4EA6}] => (Allow) E:\Games\ANNO2070\InitEngine.exe
FirewallRules: [{7B9CF189-A86A-4F89-B492-B9FDE7ADF599}] => (Allow) E:\Games\onlineTV 11\onlineTV.exe
FirewallRules: [{CA6E7E5E-2EF7-41FB-B7B0-3B66DA408322}] => (Allow) E:\Games\onlineTV 11\onlineTV.exe
FirewallRules: [{65FC3D91-05C6-4E6D-85CA-087B1B4F7AF6}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{467DC6DB-2069-45B3-9C18-1D4BB5633CA7}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{D3C9F2CA-4A6B-4C6F-A5EE-BF77F42D1E74}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{29459DFA-80C6-4ABD-BE66-C4B0B263754B}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{E5949FAF-E151-42C3-A716-A50C3579E050}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{BD85B1B8-DE6B-4185-AED5-19B681D951FA}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{B3847711-050A-41D6-B75C-3B1A6CBAE893}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Galaxy On Fire 2 HD\GoF2Launcher.exe
FirewallRules: [{D863FB5F-E64B-414C-A264-EF8674330278}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Galaxy On Fire 2 HD\GoF2Launcher.exe
FirewallRules: [{BCA46FC6-1A68-40DE-881B-CC623645D686}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6126317F-0624-46A7-8949-4538BF8C6A51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA73CE32-D5AE-4527-B656-A0DF8B6D9D4B}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{667EC67E-71EA-47A6-AA3F-C762AC2CAB29}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{B5DE4BDF-1375-46CA-8AF2-F89BEA481047}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{98A0DB7C-0AEF-4DCB-8A21-4FFD968A2D35}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{2E824A7B-9368-4603-B962-5E30F383E14A}] => (Allow) E:\Games\DungeonSiege2\DungeonSiege2.exe
FirewallRules: [{63A88895-5F93-4EF5-B1BF-4FA6E5227D4A}] => (Allow) E:\Games\DungeonSiege2\DungeonSiege2.exe
FirewallRules: [{E2BF1981-3345-4C73-AC84-A05941D549B0}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Dungeon Siege 1\DungeonSiege.exe
FirewallRules: [{74E6F8BC-6E93-42BE-9BCE-7BF208C1D475}] => (Allow) E:\Games\SteamLibrary\steamapps\common\Dungeon Siege 1\DungeonSiege.exe
FirewallRules: [{AC9774BF-40C3-4035-95D5-ACA911B5057B}] => (Allow) E:\Games\GameforgeLive\gfl_client.exe
FirewallRules: [{A9498EBF-53F8-4541-969B-4DED2BACCD61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FC92D618-E8C4-4685-B9E5-7CFE8754BCE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CE131B1C-4F3A-4767-96FD-FB7C804A5F6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B7196552-CC2C-45A9-8BBD-11186A2523F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8E1E8627-6CB4-4F9D-87B4-8F0932776DDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F21009D-96C4-4B00-B404-5052A5E8E4B0}] => (Allow) C:\Program Files\WindroyeBox\WindroyeBoxHD.exe
FirewallRules: [{D3F85DE5-F7AD-4D1B-B9AC-353C935D888D}] => (Allow) C:\Program Files\WindroyeBox\WindroyeBoxHD.exe
FirewallRules: [{26F1E2DA-5E4E-4CB7-B458-961BC2415ED9}] => (Allow) C:\Program Files (x86)\Windroye\Windroye.exe
FirewallRules: [{6891D49D-8328-4E9E-A7FD-76FD6144396E}] => (Allow) C:\Program Files (x86)\Windroye\Windroye.exe
FirewallRules: [{3DCF3E83-F817-411A-B2A4-3A1345B4DF7C}] => (Allow) LPort=3306
FirewallRules: [{8E4E65C4-A1E2-4FC0-A7EF-0134FB766CD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C74D40A5-241F-4372-97EB-B4C8889EAA88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{773CAB36-86AE-446B-A820-B7E53B150ADB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9A4E2D2A-BE49-417B-AFE6-2B6AED2C5485}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C0B51F14-A116-40A5-A8D4-BA4A86A17AA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8937CF67-9E30-460B-88CB-FFC197F4CC00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3B04D820-41BD-43D5-BA19-CE416CB0D4CF}] => (Allow) E:\Games\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{EC305D62-500D-448F-A842-D4F97B711F65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Games\FlashGet3\FlashGet3.exe] => Enabled:Flashget3

==================== Wiederherstellungspunkte =========================

16-01-2016 11:13:24 JRT Pre-Junkware Removal

==================== Fehlerhafte Ger?te im Ger?temanager =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom NetXtreme-Gigabit-Ethernet #2
Description: Broadcom NetXtreme Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereintr?ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/16/2016 02:31:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (01/16/2016 02:02:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (01/16/2016 11:13:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (01/16/2016 11:01:21 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named  reported the following error:
>>> <Directory "E:/From_C_Apache_htdocs/HandyBilder/"> path is invalid.     .

Error: (01/16/2016 11:01:21 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named  reported the following error:
>>> Syntax error on line 356 of C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/httpd.conf:     .

Error: (01/16/2016 03:09:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (01/16/2016 12:44:22 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (01/15/2016 11:03:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CLSIDFromString({24602736-bed9-4619-91b0-243447c6409c}.back).  hr = 0x800401f3, Ungültige Klassenzeichenfolge
.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (01/15/2016 10:19:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/15/2016 10:19:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


Systemfehler:
=============
Error: (01/16/2016 11:13:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/16/2016 11:01:21 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Apache2.2 service terminated with service-specific error %%1.

Error: (01/16/2016 11:00:18 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORIT?T)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT?TSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (01/16/2016 10:59:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Vstor2 Virtual Storage Driver service failed to start due to the following error: 
%%3

Error: (01/16/2016 10:58:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Neustart des Diensts.

Error: (01/16/2016 10:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Apache2.2 service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/16/2016 10:58:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Neustart des Diensts.

Error: (01/16/2016 10:58:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/16/2016 10:58:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CYGWIN sshd service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/16/2016 10:58:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Macrium Reflect Image Mounting Service service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2014-08-14 16:37:40.649
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-14 16:37:40.259
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-10 20:26:27.966
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-31 21:15:07.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-07 17:30:30.729
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-07 17:30:30.308
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-07 17:29:41.019
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-07 17:29:40.614
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-07 17:28:44.293
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-07 17:28:43.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8191.43 MB
Verfügbarer physikalischer RAM: 5748.64 MB
Summe virtueller Speicher: 13204.68 MB
Verfügbarer virtueller Speicher: 7574.38 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:8.66 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (20141206) (Removable) (Total:29.41 GB) (Free:11.93 GB) FAT32
Drive s: () (Network) (Total:1851.41 GB) (Free:138.08 GB) 
Drive t: (Public) (Network) (Total:2746.24 GB) (Free:1005.38 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A3DD8426)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.4 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

Alt 17.01.2016, 12:57   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.01.2016, 18:51   #8
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Logfile mbar



Beim Scan wurde nichts gefunden und kein Cleanup durchgeführt.
Hier das Logfile:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.17.02
  rootkit: v2016.01.09.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
volker :: VOLKER-PC [administrator]

17.01.2016 15:18:46
mbar-log-2016-01-17 (15-18-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 509759
Time elapsed: 15 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 17.01.2016, 22:34   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.01.2016, 07:16   #10
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Logfile Fixlog.txt



In der Datei Fixlog.txt steht folgender Inhalt:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von volker (2016-01-18 07:11:22) Run:1
Gestartet von C:\Users\volker\Downloads\SPECIAL
Geladene Profile: volker & cyg_server & Apache (Verfügbare Profile: volker & UbuntuTest & cyg_server & Apache)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
emptytemp:
         
*****************

EmptyTemp: => 610.8 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 07:11:47 ====
         

Alt 18.01.2016, 10:41   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.01.2016, 07:32   #12
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Mbam.txt



Mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 18.01.2016
Scan Time: 22:22
Logfile: Mbam.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.01.18.06
Rootkit Database: v2016.01.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: volker

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 507970
Time Elapsed: 9 min, 51 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.StartPage24, C:\Users\volker\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxibqd.default\extensions\ffext_basicvideoext@startpage24.xpi, No Action By User, [1905a49785145dd911afcb095da5ee12], 

Physical Sectors: 0
(No malicious items detected)


(end)
         
Eset läuft noch...

Hier das Eset logfile:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=befa4719fcc21a44b5cee4c730362c55
# end=init
# utc_time=2016-01-18 09:21:14
# local_time=2016-01-18 10:21:14 (+0100, W. Europe Standard Time)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27702
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=befa4719fcc21a44b5cee4c730362c55
# end=updated
# utc_time=2016-01-18 09:46:40
# local_time=2016-01-18 10:46:40 (+0100, W. Europe Standard Time)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=befa4719fcc21a44b5cee4c730362c55
# engine=27702
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-19 03:47:17
# local_time=2016-01-19 04:47:17 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 204805087 0 0
# scanned=1351266
# found=10
# cleaned=0
# scan_time=21637
sh=8157D0C50CDAD9F608FCC1698D945A9C16114B35 ft=1 fh=1ad04c244ddba60d vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\volker\AppData\Roaming\eIntaller\7A2047CF560A478394336CB5FDBF2221\eGdpSvc.exe.vir"
sh=F37FDAAD49B857DC99DCEDB9603915502237F567 ft=1 fh=ae37f09b0a9f5c78 vn="Variante von Win32/ELEX.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\volker\AppData\Roaming\eIntaller\7A2047CF560A478394336CB5FDBF2221\eXQ.exe.vir"
sh=3D09B4A1E2E55E7D1DF62B739D434F3F4E51DB90 ft=1 fh=31688d33c108b3f2 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Games\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe"
sh=D375A2937CF2D06CF830285B1144273396670837 ft=1 fh=f95c209bffaec161 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\NCH Software\BroadWave\broadwave.exe"
sh=18C7EBF73AA1AF48AE95E011CA774A555EB0B2A9 ft=1 fh=68281b671b871110 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\NCH Software\BroadWave\broadwavesetup_v1.27.exe"
sh=BB58078BCE84628C521DDB8193C8329CEA63C807 ft=1 fh=c8a81f66132630fa vn="Win32/Packed.Autoit.E.Gen verdächtige Datei" ac=I fn="C:\Users\volker\Downloads\FritzRePass+U3\Portable\FritzRePass.exe"
sh=98C4AD085AB31A08A196D51B9A9A2F7196F08898 ft=1 fh=bcd07129a3d89530 vn="Win32/Packed.Autoit.E.Gen verdächtige Datei" ac=I fn="C:\Users\volker\Downloads\FritzRePass+U3\U3\FritzRePassU3.exe"
sh=738ACF9EEE6E86FF74970C71F170DE22EC651271 ft=1 fh=42fcdfb489f49b67 vn="Variante von Win32/Kryptik.BPP Trojaner" ac=I fn="C:\_OTM\MovedFiles\12122009_131822\C_Windows\msa.exe"
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="E:\0TEMP\cbsidlm-cbsi188-Energy_Lens-ORG-10571141.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="E:\_DropBox\Dropbox\Applications\Unlocker1.9.2.exe"
         

Alt 19.01.2016, 09:18   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Was ist mit dem dritten Tool?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.01.2016, 22:14   #14
thor42
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Security Check Logfile



Zum 3. logfile war ich noch nicht gekommen.
Das logfile vom security check:
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Out of date HijackThis  installed! 
 Spybot - Search & Destroy 
 Secunia PSI (3.0.0.2004)   
 HijackThis 2.0.2    
 Java 7 Update 65  
 JaVaWa Device Manager 2.6  
 Java version 32-bit out of Date! 
 Adobe Flash Player 20.0.0.267  
 Mozilla Firefox (43.0.4) 
 Mozilla Thunderbird 31.3.0 Thunderbird out of Date!  
 Google Chrome (47.0.2526.106) 
 Google Chrome (47.0.2526.111) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
         

Alt 19.01.2016, 22:23   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7SP1: svchost braucht 50% CPU Teil1 - Standard

Win7SP1: svchost braucht 50% CPU Teil1



Zitat:
Spybot - Search & Destroy
HijackThis 2.0.2
Java 7 Update 65
Deinstallieren

Zitat:
Secunia PSI (3.0.0.2004)
Mozilla Thunderbird 31.3.0
Updaten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Win7SP1: svchost braucht 50% CPU Teil1
administrator, appdata, browser, clipgrab, cpu, dateien, einstellungen, explorer, firefox, folge, helper, internet, internet explorer, launch, logfiles, microsoft, mozilla, ordner, problem, proxy, prozess, rechner, server, software, svchost, tarma, windows, winsock



Ähnliche Themen: Win7SP1: svchost braucht 50% CPU Teil1


  1. [Win7.64bit] svchost.exe (netscvs) braucht mehr als 1GB Ram - Rechner dadurch langsam
    Log-Analyse und Auswertung - 20.05.2015 (28)
  2. relativ neuer Laptop der Marke hp braucht 5 - 15 Min. um hochzufahren und er hängt sich oft, je nach Gebrauch, auf oder braucht ewig.
    Plagegeister aller Art und deren Bekämpfung - 07.04.2015 (11)
  3. Windows 7 64 Bit: svchost.exe braucht 120.000 KB
    Plagegeister aller Art und deren Bekämpfung - 23.02.2015 (12)
  4. Laptop braucht ewig zum starten, friert plötzlich ein, braucht für jede Aktion ewig
    Plagegeister aller Art und deren Bekämpfung - 20.06.2014 (16)
  5. Programmidee: SVCHOST testen, braucht unterstützung !
    Diskussionsforum - 14.12.2012 (18)
  6. svchost.exe ( Svchost Prozess Analyser)
    Log-Analyse und Auswertung - 23.09.2011 (7)
  7. svchost Virus ! C:\Benutzer\Windows\Install\svchost.exe - WORM/Rebhip.A.318
    Plagegeister aller Art und deren Bekämpfung - 20.01.2011 (1)
  8. TR/Crypt.ZPACK.Gen in C:\Temp\bcot.tmp\svchost.exe , C:\Temp\qmub.tmp\svchost.exe usw
    Plagegeister aller Art und deren Bekämpfung - 12.04.2010 (1)
  9. Zone alarm friert rechner ein und svchost.exe braucht 100%!
    Mülltonne - 29.06.2008 (0)
  10. svchost.exe -k netsvcs braucht 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 03.04.2008 (19)
  11. Pc braucht 10 min zum hochfahren
    Log-Analyse und Auswertung - 17.03.2008 (5)
  12. svchost braucht zuviel leistung
    Log-Analyse und Auswertung - 15.01.2008 (2)
  13. PC braucht min. 15 min zum hochfahren
    Mülltonne - 02.01.2008 (0)
  14. Braucht Linux 30 Gb?
    Alles rund um Mac OSX & Linux - 10.02.2005 (4)
  15. wer braucht xp als betriebssystem?
    Alles rund um Windows - 21.08.2003 (16)

Zum Thema Win7SP1: svchost braucht 50% CPU Teil1 - Hallo, habe auf meinem WIN7SP1 Rechner den svchost Prozess für netsvcs mit 50% CPU am laufen. Habe zuletzt elixir/erlang/phoenix installiert. Evt. Bestand das Problem aber schon vorher und wurde nicht - Win7SP1: svchost braucht 50% CPU Teil1...
Archiv
Du betrachtest: Win7SP1: svchost braucht 50% CPU Teil1 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.