Pests of all kinds and how to fight them: Problems with TR/Crypt.ZPACK.Gen9' Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
15.04.2016, 20:25 | #1 |
| Problems with TR/Crypt.ZPACK.Gen9' Hello, maybe someone here can help me. My virus scanner (Avira) reported: 'C:\ProgramData\ewinpe\xtemp\mib.exe' contains the following pattern 'TR/Crypt.ZPACK.Gen9' [trojan]. How do I get rid of it, assuming I really have it on my machine?
15.04.2016, 20:26 | #2 |
/// TB-Ausbilder | Problems with TR/Crypt.ZPACK.Gen9'
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! For the initial analysis, please run FRST and TDSSKiller:
Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2
Please download TDSSKiller.exe and save this file to your desktop.
With your next reply, please post
15.04.2016, 20:54 | #3 |
| Frst.txt FRST Logfile:
__________________Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Florian (Administrator) auf FLORIAN-PC (15-04-2016 21:32:19)
Gestartet von D:\Installationsprogramme\Antivirensoftware
Geladene Profile: Florian (Verfügbare Profile: Florian)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(tsvr.com) C:\Users\Florian\AppData\Roaming\TSv\TSvr.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
() C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\FdmBrowserHelper.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1609296 2010-06-26] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [696320 2011-11-18] ()
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-24] (AVM Berlin)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13]
ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13]
ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{46A21199-6841-4D64-908B-2AC9386B247B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5F378C25-B3F5-4DAF-881C-E32CBBD8EF12}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> DefaultScope {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2016-03-16] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870
FF Homepage: hxxp://www.t-online.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-18] (Apple Inc.)
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\ebay-kleinanzeigen-.xml [2014-08-23]
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\myvideo.xml [2014-08-16]
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\youtube.xml [2014-08-16]
FF Extension: Avira Browser Safety - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\abs@avira.com [2016-04-13]
FF Extension: German Dictionary - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-18]
FF Extension: Block site - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-04]
FF Extension: Add to Search Bar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-08-16]
FF Extension: Classic Theme Restorer - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16]
FF Extension: Linky - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\linky@gemal.dk.xpi [2016-02-03]
FF Extension: Snap Links Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2016-02-06]
FF Extension: Video DownloadHelper - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-29]
FF Extension: Hide Tab Bar With One Tab - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi [2014-08-16]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-14]
FF HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-04-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Florian\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IhPul; C:\Users\Florian\AppData\Roaming\TSv\TSvr.exe [359696 2016-04-15] (tsvr.com)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [Datei ist nicht signiert]
S3 TDslMgrService; D:\Programme\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2010-10-27] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2010-09-30] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WOTUpdater; C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [Datei ist nicht signiert]
S2 BugreportW; "C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]
S2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [X]
S2 WdMan; C:\ProgramData\ewinpe\WFini.exe -svr [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-08-24] (AVM Berlin)
S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [30208 2006-11-07] (AVM GmbH) [Datei ist nicht signiert]
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-24] (AVM GmbH)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 PciDumpr; C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2144 2001-01-26] () [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 18:29 - 2016-04-15 18:29 - 00001838 _____ C:\Users\Florian\Neue Datenbank.odb
2016-04-15 16:32 - 2016-04-15 21:24 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-04-15 16:31 - 2016-04-15 16:31 - 00000000 ____D C:\Users\Florian\AppData\Roaming\WinZiper
2016-04-15 16:31 - 2016-04-15 16:31 - 00000000 ____D C:\Users\Florian\AppData\Roaming\eCyber
2016-04-15 16:29 - 2016-04-15 16:29 - 00015128 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
2016-04-15 16:29 - 2016-04-15 16:29 - 00000000 ____D C:\Users\Florian\AppData\Roaming\TSv
2016-04-15 16:29 - 2016-04-15 16:29 - 00000000 ____D C:\Program Files (x86)\QQBrowser
2016-04-14 17:11 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-14 17:11 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-14 17:11 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-14 17:11 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-14 17:11 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-14 17:11 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-14 17:11 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-14 17:11 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-14 17:11 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-14 17:11 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-14 17:11 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-14 17:11 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-14 17:11 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-14 17:11 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-14 17:11 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-14 17:11 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-14 17:11 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-14 17:11 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-14 17:11 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-14 17:11 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-14 17:11 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-14 17:11 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-14 17:11 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-14 17:11 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-14 17:11 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-14 17:11 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-14 17:11 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-14 17:11 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-14 17:11 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-14 17:11 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-14 17:11 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-14 17:11 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-14 17:11 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-14 17:11 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-14 17:11 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-14 17:11 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-14 17:11 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-14 17:11 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-14 17:11 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-14 17:11 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-14 17:11 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-14 17:11 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-14 17:11 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-14 17:11 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-14 17:11 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-14 17:11 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-14 17:11 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-14 17:11 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-14 17:11 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-14 17:11 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-14 17:11 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-14 17:11 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-14 17:11 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-14 16:23 - 2016-04-14 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-13 20:08 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 20:08 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 20:08 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 20:08 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 20:08 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 20:08 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 20:08 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 20:08 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 20:08 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 20:08 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 20:08 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 20:08 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 
00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 20:08 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 20:08 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 20:08 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 20:08 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 20:08 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 20:08 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 20:08 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 20:08 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 20:08 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 20:08 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00002048 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 20:08 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 19:41 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 19:03 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 19:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 19:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 19:03 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 18:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) 
C:\Windows\system32\CompatTelRunner.exe
2016-04-13 18:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 18:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 18:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 18:43 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 18:43 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-09 22:50 - 2016-04-09 22:50 - 00015208 _____ C:\Windows\System32\Tasks\WinTsks
2016-04-09 22:50 - 2016-04-09 22:50 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-09 22:50 - 2016-04-09 22:50 - 00000000 ____D C:\Program Files (x86)\WinTsks
2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2016-04-05 19:46 - 2016-04-05 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-26 15:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-26 15:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-26 15:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-26 15:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-26 15:07 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-26 15:07 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-26 15:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-26 15:06 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 21:32 - 2015-05-31 14:15 - 00000000 ____D C:\FRST
2016-04-15 21:29 - 2010-05-09 13:35 - 00000000 ____D C:\Users\Florian
2016-04-15 21:28 - 2015-11-17 21:28 - 00068207 _____ C:\Users\Florian\Einausgaben.ods
2016-04-15 20:56 - 2012-07-08 02:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 20:55 - 2012-08-15 18:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-15 18:31 - 2012-09-09 17:34 - 00000000 ____D C:\Users\Florian\AppData\Local\CrashDumps
2016-04-15 18:21 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-15 18:21 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-15 18:20 - 2014-06-29 18:52 - 01299033 _____ C:\Windows\WindowsUpdate.log
2016-04-15 18:11 - 2012-07-08 02:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 18:10 - 2014-10-05 19:31 - 01086598 _____ C:\Windows\PFRO.log
2016-04-15 18:10 - 2014-10-05 01:00 - 21583206 _____ C:\Windows\setupact.log
2016-04-15 18:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-15 16:32 - 2010-05-12 21:21 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{61D97D25-2BEF-4AEC-A94F-510529E28523}
2016-04-15 16:18 - 2012-05-05 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 21:55 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-04-14 21:55 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-04-14 21:55 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-14 21:51 - 2009-07-14 06:45 - 00679312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 18:37 - 2014-12-12 16:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 17:24 - 2010-05-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-04-14 17:23 - 2013-07-18 15:49 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 17:16 - 2010-05-13 15:03 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-14 15:57 - 2012-12-03 00:26 - 00000000 ____D C:\Users\Florian\.BH
2016-04-12 20:52 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Briefe
2016-04-12 20:42 - 2011-12-20 20:18 - 00000099 _____ C:\Users\Public\LMDebug.log
2016-04-12 20:40 - 2015-12-23 22:33 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Free Download Manager
2016-04-10 14:31 - 2010-05-14 00:41 - 00000000 ____D C:\Users\Florian\AppData\Roaming\VSO
2016-04-10 00:46 - 2016-03-05 14:49 - 00001865 _____ C:\Users\Public\Desktop\P-touch Editor 5.1.lnk
2016-04-10 00:46 - 2016-02-28 00:27 - 00001462 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-04-10 00:46 - 2015-12-25 13:36 - 00001098 _____ C:\Users\Florian\Desktop\Free Doanloadmanager.lnk
2016-04-10 00:46 - 2015-09-13 16:19 - 00001104 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-04-10 00:46 - 2015-09-09 19:07 - 00000676 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-04-10 00:46 - 2015-05-31 17:20 - 00000691 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-04-08 19:09 - 00001633 _____ C:\Users\Florian\Desktop\Avira.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 16:37 - 00000669 _____ C:\Users\Florian\Desktop\teXXas.lnk
2016-04-10 00:46 - 2014-12-16 21:43 - 00000684 _____ C:\Users\Florian\Desktop\VSO Image Resizer.lnk
2016-04-10 00:46 - 2014-11-23 16:26 - 00001244 _____ C:\Users\Florian\Desktop\mbar.exe -.lnk
2016-04-10 00:46 - 2014-08-13 01:18 - 00001618 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-04-10 00:46 - 2014-08-11 03:34 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-10 00:46 - 2014-03-23 19:54 - 00002206 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-04-10 00:46 - 2013-09-03 21:57 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-04-10 00:46 - 2013-01-12 04:41 - 00001103 _____ C:\Users\Florian\Desktop\Smart Panel.lnk
2016-04-10 00:46 - 2012-12-04 10:32 - 00001410 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk
2016-04-10 00:46 - 2012-12-03 00:26 - 00000786 _____ C:\Users\Florian\Desktop\BilderHerunterlader.lnk
2016-04-10 00:46 - 2012-04-15 21:11 - 00002084 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-10 00:46 - 2012-01-29 01:11 - 00001686 _____ C:\Users\Florian\Desktop\PhotoStudio.lnk
2016-04-10 00:46 - 2012-01-14 20:40 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-10 00:46 - 2012-01-14 20:40 - 00001859 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-10 00:46 - 2011-11-24 18:56 - 00000946 _____ C:\Users\Public\Desktop\Top50 V5 Viewer.lnk
2016-04-10 00:46 - 2011-10-08 22:32 - 00001744 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2016-04-10 00:46 - 2011-07-17 16:21 - 00002204 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
2016-04-10 00:46 - 2010-11-07 23:34 - 00000673 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 00:46 - 2010-10-26 20:55 - 00002736 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk
2016-04-10 00:46 - 2010-05-30 04:04 - 00000632 _____ C:\Users\Florian\Desktop\RegCleaner.lnk
2016-04-10 00:46 - 2010-05-14 14:59 - 00000737 _____ C:\Users\Florian\Desktop\Cefic ERICards Offline.lnk
2016-04-10 00:46 - 2010-05-14 13:50 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk
2016-04-10 00:46 - 2010-05-14 13:50 - 00002163 _____ C:\Users\Public\Desktop\TuneUp Utilities.lnk
2016-04-10 00:46 - 2010-05-13 23:29 - 00000623 _____ C:\Users\Public\Desktop\LingoPad.lnk
2016-04-10 00:46 - 2010-05-13 20:54 - 00001143 _____ C:\Users\Florian\Desktop\Fahrtenbuch.lnk
2016-04-10 00:46 - 2010-05-12 20:06 - 00001816 _____ C:\Users\Florian\Desktop\Microsoft Office - Verknüpfung.lnk
2016-04-10 00:46 - 2010-05-10 19:07 - 00002093 _____ C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2016-04-10 00:46 - 2010-05-09 13:48 - 00001425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 00:46 - 2010-05-09 13:48 - 00001379 _____ C:\Users\Florian\Desktop\Internet Explorer (64-bit).lnk
2016-04-10 00:46 - 2010-05-09 13:35 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-10 00:46 - 2010-05-09 13:35 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-10 00:46 - 2010-05-09 12:42 - 00001179 _____ C:\Users\Public\Desktop\SpeedCommander.lnk
2016-04-10 00:46 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-10 00:46 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-10 00:46 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-10 00:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Performance
2016-04-10 00:36 - 2014-08-24 22:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-10 00:07 - 2010-05-13 17:52 - 01067520 ___SH C:\Users\Florian\Thumbs.db
2016-04-09 23:54 - 2013-11-17 22:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-09 23:21 - 2014-12-14 01:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-09 23:19 - 2015-05-31 14:08 - 00000000 ____D C:\AdwCleaner
2016-04-09 20:13 - 2016-03-12 20:57 - 00000000 ____D C:\Users\Florian\Downloads\PSNV
2016-04-09 18:02 - 2012-10-31 20:42 - 00000000 ____D C:\Users\Florian\AppData\Roaming\vlc
2016-04-08 15:40 - 2012-03-25 13:31 - 00054474 _____ C:\Users\Florian\Fahrtenbuch.ods
2016-04-07 20:49 - 2012-08-15 18:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 20:49 - 2012-03-30 14:31 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 20:49 - 2012-01-14 20:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 22:34 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Verzeichnisse
2016-03-31 19:52 - 2014-01-06 03:51 - 00026204 _____ C:\Users\Florian\Haus Zählerstände Haus.ods
2016-03-30 19:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-29 15:39 - 2015-11-21 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-29 15:39 - 2010-05-13 22:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-29 15:38 - 2015-11-21 23:21 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-29 15:38 - 2015-08-30 13:31 - 00000000 ____D C:\Users\Florian\.oracle_jre_usage
2016-03-21 18:44 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Internet

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-05-28 19:58 - 2013-05-12 22:00 - 0000192 _____ () C:\Users\Florian\AppData\Roaming\default.rss
2010-05-28 19:58 - 2010-05-28 19:58 - 0000000 _____ () C:\Users\Florian\AppData\Roaming\downloads.m3u
2014-08-17 12:56 - 2015-07-19 16:04 - 0019456 _____ () C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-02 22:31 - 2010-07-02 22:32 - 0000333 _____ () C:\ProgramData\hpzinstall.log
2015-02-10 18:48 - 2015-02-10 18:48 - 0000366 _____ () C:\ProgramData\UpdStartupLog.log

Einige Dateien in TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\avgnt.exe
C:\Users\Florian\AppData\Local\Temp\libeay32.dll
C:\Users\Florian\AppData\Local\Temp\msvcr120.dll
C:\Users\Florian\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-29 16:29

==================== Ende von FRST.txt ============================

Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Florian (2016-04-15 21:32:56)
Gestartet von D:\Installationsprogramme\Antivirensoftware
Windows 7 Professional Service Pack 1 (X64) (2010-05-09 11:47:54)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2977951965-3881512990-2941591932-500 - Administrator - Disabled)
Florian (S-1-5-21-2977951965-3881512990-2941591932-1001 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-2977951965-3881512990-2941591932-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2977951965-3881512990-2941591932-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
ATI AVIVO64 Codecs (Version: 10.10.0.40918 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B85D868D-1415-FDA5-8DB9-D4D457080885}) (Version: 3.0.745.0 - ATI Technologies, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
BilderHerunterlader 3.6.6 (HKLM-x32\...\BilderHerunterlader) (Version: - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0500 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{42036760-2DA4-43C4-A48A-9F90A0F1FA0E}) (Version: 1.0.0060 - Brother Industries, Ltd.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon iP3300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300) (Version: - )
Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version: - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version: - )
ccc-core-static (x32 Version: 2009.0918.2132.36825 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Cefic ERICards Offline (Remove only) (HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Ericards.NET) (Version: 3.6.0.0 - Pharox Automatisering B.V.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2312.02 - CyberLink Corp.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Geogrid®-Viewer (x32 Version: 6.30.0000 - EADS Deutschland GmbH) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Logitech Motion Detector Gadget (HKLM\...\{5FCF5515-4CC4-4812-8C9A-755336AB85F8}) (Version: 1.00.1082 - Ihr Firmenname)
Logitech SetPoint 6.15 (HKLM\...\SP6) (Version: 6.15.25 - Logitech)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{e0b22685-7d0a-4754-91a5-71a010985185}) (Version: - Nero AG)
NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)
Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: __VERSION__ - Samsung Electronics Co., Ltd.)
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden
SpeedCommander 10 (HKLM-x32\...\SpeedCommander 10) (Version: 10.0 - SpeedProject)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Top50 V5 Viewer (HKLM-x32\...\{6594F5B0-350C-42AC-A613-F980B88BDB64}) (Version: 6.30.0000 - EADS Deutschland GmbH)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.4700.21 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

26-03-2016 15:08:00 Windows Update
03-04-2016 17:51:40 Geplanter Prüfpunkt
09-04-2016 23:05:33 JRT Pre-Junkware Removal
09-04-2016 23:26:05 JRT Pre-Junkware Removal
14-04-2016 17:12:17 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2012-02-03 14:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3501A96D-7D76-49A6-89C1-9D4CC5A594BD} - System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} => Firefox.exe
Task: {456917AC-305D-4750-9A8A-97CE3358DACB} - System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} => Firefox.exe
Task: {49E2DE76-CE43-4A52-BC40-B8FA8DA59D30} - System32\Tasks\WinTsks => C:\Program Files (x86)\WinTsks\WinTsks\WinTsks.exe [2016-04-09] ()
Task: {5FD73834-A7DE-4B77-B7F2-A9210C61A21F} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {601D5388-3E87-4821-B528-5EAAB4552D9E} - System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} => Firefox.exe
Task: {6AACC338-2AEB-415A-AA0F-6EECC5CE3888} - System32\Tasks\{17CD3FDE-47B6-4A20-B087-66B52DE14763} => pcalua.exe -a "C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67QQDUW5\Firefox%20Setup%203.6.3[1].exe" -d C:\Users\Florian\Desktop
Task: {72E115C5-3CFC-4168-B3C3-D857A10673FA} - System32\Tasks\{8BDA699B-E140-4568-84AA-41BE9AA72E88} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Task: {827EDDF5-D8A3-4686-8C59-C02451199847} - System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} => Firefox.exe
Task: {84938F27-3689-4089-85FC-AF91443AB400} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\B416869DFD96A8AC47B9FD85030674FD\Update\BrowserUpdate.exe [2016-04-08] (Tencent)
Task: {9AFD6482-4085-46DA-846A-924CE896EEED} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-04-04] (Microsoft Corporation)
Task: {9EB6674B-35E0-4123-9297-50E920CF9ADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A0B7EF38-F73B-4138-8877-B6807C9F13FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A49D49B1-54EF-4D1C-A80E-13C0679F0D60} - System32\Tasks\{B27A2FA5-871D-43E6-959B-C24082C225B7} => pcalua.exe -a C:\Users\Florian\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {A4B1FEF0-AC9E-458B-A51E-B56A120387D9} - System32\Tasks\{55D49C19-D136-4A82-BB84-2687B47C5BF1} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {AA24DB11-CA45-423B-BCC5-855FF7D8B0F4} - System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} => Firefox.exe
Task: {AFD7E2E9-2406-488E-B25F-A63F88F68986} - System32\Tasks\Amazon Music Helper => C:\Users\Florian\AppData\Local\Amazon Music\Amazon Music Helper.exe
Task: {B1BC65B8-59E2-46BC-99F4-A0CC526EA5C8} - System32\Tasks\{8A8F8A70-821C-407C-81ED-A9EE9E8BA180} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.155.259/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {B37247B5-5BD7-40C4-9D77-6C7F85F15DF1} - System32\Tasks\{A805A452-D41C-4266-AE6F-CEBC6B821C20} => D:\Programme\Nettalk6\Nettalk.exe
Task: {D9DE150F-7E85-41AD-8A1C-D828CD6ABA37} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {DE071E9B-54DC-424D-A665-E50F611ED24C} - System32\Tasks\{DCBA626F-B7C2-4F6F-A3F9-2EF5298B50F1} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Task: {EF24CC43-F11C-4642-9E0D-DC1B69C83436} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F00DBBA9-811A-4C49-B924-3DB7864C713E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {F2BD1B92-FC98-4834-A091-8B040C1021E2} - System32\Tasks\{6A91AEF7-FE4B-4F0C-A8BF-51DB259DA302} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-01-12 04:54 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2011-04-14 03:41 - 2011-04-14 03:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll
2011-04-14 03:40 - 2011-04-14 04:40 - 00968192 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssb3mdu.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2012-01-12 12:23 - 2012-01-12 12:23 - 00018432 _____ () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2013-03-09 19:36 - 2011-11-18 12:22 - 00696320 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2013-03-09 19:36 - 2009-11-19 11:15 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2009-08-28 16:08 - 2009-08-28 16:08 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-05-09 13:38 - 2010-05-09 13:38 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-04-05 22:54 - 2016-03-16 05:24 - 04932688 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2016-04-05 22:54 - 2015-07-23 16:08 - 00324096 _____ () C:\Program Files (x86)\Free Download Manager\ytparser.dll
2016-04-05 19:46 - 2016-04-05 19:46 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-04-05 19:46 - 2016-04-05 19:46 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 01040488 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxml2.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00372840 _____ () C:\Program Files (x86)\LibreOffice 5\program\glew32.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00182376 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxslt.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00116328 _____ () C:\Program Files (x86)\LibreOffice 5\program\python3.dll
2016-02-05 12:38 - 2016-02-05 12:38 - 00049152 _____ () C:\Program Files (x86)\LibreOffice 5\program\python-core-3.3.3\lib\_socket.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: QuickTime Task => "D:\Multimediaprogramme\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{E5948720-B8D6-4ED3-B47F-1AFEDB415AA6}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [UDP Query User{56DD4C5A-C883-4E08-AF52-375D5A2908FC}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [{76E0C865-777C-4504-9C6A-AF8A653A0E39}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [TCP Query User{D753B374-D945-4A8F-8C3C-87E76CB922FD}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{872A5183-5A00-44B5-A009-A81A28819095}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [{43F4A700-4296-449B-817F-39ED1CC5C158}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{BED8EC39-0A3F-48FA-A26D-B39180EC8985}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{3D77DDA7-F34B-4053-A85E-40B11F5BCCF2}] => (Allow) LPort=10322 FirewallRules: [{C1753386-2CC7-4375-A877-1998D3FBEDDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{A44098AF-A4C6-4FBC-8660-D0278BEAD038}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{783591B1-989A-4286-B9E1-06630C693AC4}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{6D35A44B-DF4D-4ECF-A042-70ACDB0594DE}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program 
files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{D9EFEE21-124F-485C-ADF6-F471E94C3DCC}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{539AA981-7F26-4D11-8F51-BB0E08DB1E1D}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [UDP Query User{3BF76468-5C52-4B2E-906C-379A4808338E}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [{F3E3340A-09ED-415A-9D69-999DABA6D722}] => (Allow) F:\fsetup.exe FirewallRules: [{4B3E6583-2402-450B-8B66-3403B89A2188}] => (Allow) F:\fsetup.exe FirewallRules: [{3981521D-D430-42D0-B40C-2273E8B4D8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F4F2AED0-4844-4D0E-B055-8244C85E7091}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7B153A05-8D17-4205-8B08-DAB3B07AEB59}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{58DB1A85-233D-4DAF-8215-7EC0E75BB11A}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{F2F7DF84-35B0-44CC-8C45-4327AC725A90}] => (Allow) LPort=49167 FirewallRules: [{1DA9FD06-4467-4B1B-8682-15DFED9C1063}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{306072D2-B2D8-45C1-B8E9-A5F6F1408FE5}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [UDP Query User{6692AE2D-63F4-4306-BB80-0443B5910AE6}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [{BE2BA043-F600-436B-97EC-DC5850F7C0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF2F48C3-CF8E-4A7E-9110-D0956C7182C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query 
User{93B0E5FE-F24B-407C-8189-AC74C874AB45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9020114B-8B5B-422A-A967-E5EBCB194373}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7E88D983-C887-4AD2-829A-55380B0140AF}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{2EDE3AB8-6031-4436-8584-8CF9349AB204}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{F632A110-A0B2-4F8F-9164-7C8515A0DAF7}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{72B18DF3-4E01-458A-882F-6D7128F1ADAB}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EC8CA683-542D-42C6-91DD-3898AB9AA484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CE63752-E130-4DF8-92A2-A5D0B90E282F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6AD824F9-676C-48C1-B53D-0CA08EC3946C}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe
FirewallRules: [UDP Query User{CD0AAA2A-E2C7-41D5-AE1F-0721AEB570F8}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/15/2016 06:29:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 5.0.5.2, Zeitstempel: 0x56b49618
Name des fehlerhaften Moduls: msci_uno.dll, Version: 5.0.5.2, Zeitstempel: 0x56b47b91
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c224
ID des fehlerhaften Prozesses: 0xeb4
Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0
Pfad der fehlerhaften Anwendung: soffice.bin1
Pfad des fehlerhaften Moduls: soffice.bin2
Berichtskennung: soffice.bin3

Error: (04/15/2016 06:11:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/15/2016 05:30:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: qkseeSvc.exe, Version: 3.1.0.0, Zeitstempel: 0x570e061e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000024
ID des fehlerhaften Prozesses: 0x1bc
Startzeit der fehlerhaften Anwendung: 0xqkseeSvc.exe0
Pfad der fehlerhaften Anwendung: qkseeSvc.exe1
Pfad des fehlerhaften Moduls: qkseeSvc.exe2
Berichtskennung: qkseeSvc.exe3

Error: (04/15/2016 04:19:15 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/14/2016 09:51:06 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/14/2016 05:14:04 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog

Error: (04/14/2016 03:44:09 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/13/2016 03:51:22 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/12/2016 03:50:31 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/11/2016 03:39:00 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


Systemfehler:
=============
Error: (04/15/2016 09:24:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2016 06:11:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (04/15/2016 06:10:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WFini WdMan Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/15/2016 06:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "qkseeService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/15/2016 04:19:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (04/14/2016 09:51:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (04/14/2016 05:16:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/14/2016 05:16:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (04/14/2016 03:44:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (04/13/2016 03:51:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064


CodeIntegrity:
===================================
Date: 2012-04-30 01:42:14.389
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:42:14.311
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:42:12.845
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:42:12.767
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:42:10.598
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:42:10.520
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:41:34.141
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-04-30 01:41:34.063
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-02-03 13:45:55.746
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-02-03 13:45:55.684
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Prozessor: AMD Athlon(tm) II X4 630 Processor
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4095.24 MB
Verfügbarer physikalischer RAM: 1797.88 MB
Summe virtueller Speicher: 8188.67 MB
Verfügbarer virtueller Speicher: 5112.65 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:390.53 GB) (Free:270.26 GB) NTFS
Drive d: (Daten) (Fixed) (Total:263.67 GB) (Free:250.64 GB) NTFS
Drive e: (Medien) (Fixed) (Total:277.21 GB) (Free:247.12 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E274FB94)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=263.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=277.2 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
15.04.2016, 20:57 | #4 |
| Problems with TR/Crypt.ZPACK.Gen9'
Code:
ATTFilter 21:54:08.0434 0x0ed0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 21:54:12.0611 0x0ed0 ============================================================ 21:54:12.0611 0x0ed0 Current date / time: 2016/04/15 21:54:12.0611 21:54:12.0611 0x0ed0 SystemInfo: 21:54:12.0611 0x0ed0 21:54:12.0611 0x0ed0 OS Version: 6.1.7601 ServicePack: 1.0 21:54:12.0611 0x0ed0 Product type: Workstation 21:54:12.0612 0x0ed0 ComputerName: FLORIAN-PC 21:54:12.0612 0x0ed0 UserName: Florian 21:54:12.0612 0x0ed0 Windows directory: C:\Windows 21:54:12.0612 0x0ed0 System windows directory: C:\Windows 21:54:12.0612 0x0ed0 Running under WOW64 21:54:12.0612 0x0ed0 Processor architecture: Intel x64 21:54:12.0612 0x0ed0 Number of processors: 4 21:54:12.0612 0x0ed0 Page size: 0x1000 21:54:12.0612 0x0ed0 Boot type: Normal boot 21:54:12.0612 0x0ed0 ============================================================ 21:54:16.0082 0x0ed0 KLMD registered as C:\Windows\system32\drivers\05360176.sys 21:54:16.0326 0x0ed0 System UUID: {D68389A8-64DE-8436-DEB4-9C7DF45E0366} 21:54:16.0709 0x0ed0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:54:16.0725 0x0ed0 ============================================================ 21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0: 21:54:16.0725 0x0ed0 MBR partitions: 21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x30D0E000 21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x30D40800, BlocksNum 0x20F58000 21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x51C98800, BlocksNum 0x22A6D800 21:54:16.0725 0x0ed0 ============================================================ 21:54:16.0745 0x0ed0 C: <-> \Device\Harddisk0\DR0\Partition2 
21:54:16.0776 0x0ed0 D: <-> \Device\Harddisk0\DR0\Partition3 21:54:16.0810 0x0ed0 E: <-> \Device\Harddisk0\DR0\Partition4 21:54:16.0811 0x0ed0 ============================================================ 21:54:16.0811 0x0ed0 Initialize success 21:54:16.0811 0x0ed0 ============================================================ 21:54:26.0526 0x1678 ============================================================ 21:54:26.0526 0x1678 Scan started 21:54:26.0526 0x1678 Mode: Manual; SigCheck; TDLFS; 21:54:26.0526 0x1678 ============================================================ 21:54:26.0527 0x1678 KSN ping started 21:54:44.0683 0x1678 KSN ping finished: true 21:54:45.0446 0x1678 ================ Scan system memory ======================== 21:54:45.0446 0x1678 System memory - ok 21:54:45.0447 0x1678 ================ Scan services ============================= 21:54:45.0601 0x1678 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:54:45.0649 0x1678 1394ohci - ok 21:54:45.0675 0x1678 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:54:45.0692 0x1678 ACPI - ok 21:54:45.0703 0x1678 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:54:45.0715 0x1678 AcpiPmi - ok 21:54:45.0802 0x1678 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:54:45.0838 0x1678 AdobeARMservice - ok 21:54:45.0951 0x1678 [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:54:45.0978 0x1678 AdobeFlashPlayerUpdateSvc - ok 21:54:46.0052 
0x1678 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 21:54:46.0083 0x1678 adp94xx - ok 21:54:46.0113 0x1678 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 21:54:46.0130 0x1678 adpahci - ok 21:54:46.0141 0x1678 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 21:54:46.0154 0x1678 adpu320 - ok 21:54:46.0186 0x1678 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:54:46.0197 0x1678 AeLookupSvc - ok 21:54:46.0263 0x1678 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 21:54:46.0298 0x1678 AFD - ok 21:54:46.0333 0x1678 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:54:46.0344 0x1678 agp440 - ok 21:54:46.0368 0x1678 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:54:46.0381 0x1678 ALG - ok 21:54:46.0414 0x1678 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:54:46.0423 0x1678 aliide - ok 21:54:46.0464 0x1678 [ 0D3E12216D6F956F05B0B555D53D7ABB, B640E50E96E709B2413A71A72ECAF7A7420F27FF1264E335187342D75EDF3700 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 21:54:46.0480 0x1678 AMD External Events Utility - ok 21:54:46.0499 0x1678 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide 
C:\Windows\system32\drivers\amdide.sys 21:54:46.0509 0x1678 amdide - ok 21:54:46.0533 0x1678 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 21:54:46.0544 0x1678 AmdK8 - ok 21:54:46.0554 0x1678 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:54:46.0565 0x1678 AmdPPM - ok 21:54:46.0591 0x1678 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:54:46.0603 0x1678 amdsata - ok 21:54:46.0626 0x1678 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 21:54:46.0640 0x1678 amdsbs - ok 21:54:46.0653 0x1678 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:54:46.0663 0x1678 amdxata - ok 21:54:46.0804 0x1678 [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 21:54:46.0846 0x1678 AntiVirMailService - ok 21:54:46.0919 0x1678 [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 21:54:46.0944 0x1678 AntiVirSchedulerService - ok 21:54:47.0010 0x1678 [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 21:54:47.0041 0x1678 AntiVirService - ok 21:54:47.0108 0x1678 [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files 
(x86)\Avira\AntiVir Desktop\avwebg7.exe 21:54:47.0151 0x1678 AntiVirWebService - ok 21:54:47.0190 0x1678 [ A9FB80B0BBA6F765F4E691B7AD4963A7, 06BC740AF47ACECEE3707C433357F872EA0D9F2CA1B9FC2489FA3B421A262EF0 ] AppID C:\Windows\system32\drivers\appid.sys 21:54:47.0222 0x1678 AppID - ok 21:54:47.0234 0x1678 [ C47B6624AF9AEE4146743DCB133A159D, 10D1E6C9F972C3A8CC304F38B0A52818A78D70B4AF71F6E22CE1773397FC2AB4 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:54:47.0250 0x1678 AppIDSvc - ok 21:54:47.0275 0x1678 [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo C:\Windows\System32\appinfo.dll 21:54:47.0286 0x1678 Appinfo - ok 21:54:47.0321 0x1678 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 21:54:47.0335 0x1678 AppMgmt - ok 21:54:47.0381 0x1678 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 21:54:47.0408 0x1678 arc - ok 21:54:47.0426 0x1678 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 21:54:47.0445 0x1678 arcsas - ok 21:54:47.0529 0x1678 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:54:47.0575 0x1678 aspnet_state - ok 21:54:47.0609 0x1678 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:54:47.0643 0x1678 AsyncMac - ok 21:54:47.0662 0x1678 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:54:47.0672 0x1678 atapi - ok 21:54:47.0706 0x1678 [ 506934DF94E3197F4A1BBE8FBEAB0CCD, 
678E16DED6767565DFA03397AA49061029351863904712DAED1862F4A606B41B ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 21:54:47.0718 0x1678 AtiHdmiService - ok 21:54:47.0929 0x1678 [ 79CEB8D4F25CABE69F3762C90F5B06B8, 6E34F1F44A851097EA292FA864AB275226850F92B9C259DC5B89E089223CC15B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 21:54:48.0076 0x1678 atikmdag - ok 21:54:48.0154 0x1678 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:54:48.0187 0x1678 AudioEndpointBuilder - ok 21:54:48.0211 0x1678 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:54:48.0235 0x1678 AudioSrv - ok 21:54:48.0283 0x1678 [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:54:48.0297 0x1678 avgntflt - ok 21:54:48.0325 0x1678 [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:54:48.0338 0x1678 avipbb - ok 21:54:48.0383 0x1678 [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 21:54:48.0400 0x1678 Avira.ServiceHost - ok 21:54:48.0443 0x1678 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:54:48.0453 0x1678 avkmgr - ok 21:54:48.0468 0x1678 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 21:54:48.0478 0x1678 avmeject - ok 21:54:48.0492 0x1678 [ 60DDD914D878D04B5B0B1179B67E214D, 56007A7FECAEF7B61F348B67DC11EF27632593462CE3B5166A7B6F02D29BAB4C ] AVMUNET 
C:\Windows\system32\DRIVERS\avmunet.sys 21:54:48.0496 0x1678 AVMUNET - detected UnsignedFile.Multi.Generic ( 1 ) 21:54:49.0983 0x03c8 Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService 21:54:55.0986 0x1a0c Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost 21:54:55.0986 0x1678 Detect skipped due to KSN trusted 21:54:55.0986 0x1678 AVMUNET - ok 21:54:56.0043 0x1678 [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 21:54:56.0073 0x03c8 Object send P2P result: true 21:54:56.0073 0x1678 avnetflt - ok 21:54:56.0117 0x1678 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:54:56.0145 0x1678 AxInstSV - ok 21:54:56.0200 0x1678 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 21:54:56.0243 0x1678 b06bdrv - ok 21:54:56.0266 0x1678 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:54:56.0283 0x1678 b57nd60a - ok 21:54:56.0325 0x1678 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:54:56.0344 0x1678 BDESVC - ok 21:54:56.0353 0x1678 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:54:56.0382 0x1678 Beep - ok 21:54:56.0442 0x1678 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:54:56.0472 0x1678 BFE - ok 21:54:56.0507 0x1678 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS 
C:\Windows\system32\qmgr.dll 21:54:56.0558 0x1678 BITS - ok 21:54:56.0590 0x1678 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:54:56.0601 0x1678 blbdrive - ok 21:54:56.0628 0x1678 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:54:56.0651 0x1678 bowser - ok 21:54:56.0664 0x1678 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:54:56.0677 0x1678 BrFiltLo - ok 21:54:56.0684 0x1678 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:54:56.0696 0x1678 BrFiltUp - ok 21:54:56.0719 0x1678 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:54:56.0750 0x1678 BridgeMP - ok 21:54:56.0777 0x1678 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 21:54:56.0799 0x1678 Browser - ok 21:54:56.0842 0x1678 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:54:56.0912 0x1678 Brserid - ok 21:54:56.0922 0x1678 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:54:56.0939 0x1678 BrSerWdm - ok 21:54:56.0952 0x1678 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:54:56.0964 0x1678 BrUsbMdm - ok 21:54:56.0971 0x1678 [ A87528880231C54E75EA7A44943B38BF, 
4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:54:56.0981 0x1678 BrUsbSer - ok 21:54:57.0068 0x1678 [ 9A873075063B4B9E77E75835158AB60F, DD7A73E0A8117FE9A93F81A32B2FA5D52E0D7D467946D45B188E2DDB1B0E4725 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 21:54:57.0104 0x1678 BstHdAndroidSvc - ok 21:54:57.0156 0x1678 [ D867CC47E487C119F35CF0573B384EBF, 25939FAA0187DA3A0CCB30DE52E91E89C38102B2EDA78826FF0F3395AF0435A5 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 21:54:57.0182 0x1678 BstHdDrv - ok 21:54:57.0217 0x1678 [ 120A276B3A78BEDEB39E1925405A201D, 7D054B2AB000791D3B9DEB153EE5456FB781CD0FD211973EEED0879749C070FA ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 21:54:57.0240 0x1678 BstHdLogRotatorSvc - ok 21:54:57.0252 0x1678 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 21:54:57.0266 0x1678 BTHMODEM - ok 21:54:57.0299 0x1678 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 21:54:57.0330 0x1678 bthserv - ok 21:54:57.0358 0x1678 BugreportW - ok 21:54:57.0374 0x1678 catchme - ok 21:54:57.0411 0x1678 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:54:57.0456 0x1678 cdfs - ok 21:54:57.0485 0x1678 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:54:57.0499 0x1678 cdrom - ok 21:54:57.0532 0x1678 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 21:54:57.0561 0x1678 CertPropSvc - ok 21:54:57.0576 0x1678 [ D7CD5C4E1B71FA62050515314CFB52CF, 
513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 21:54:57.0589 0x1678 circlass - ok 21:54:57.0623 0x1678 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 21:54:57.0642 0x1678 CLFS - ok 21:54:57.0690 0x1678 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:54:57.0722 0x1678 clr_optimization_v2.0.50727_32 - ok 21:54:57.0737 0x1678 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:54:57.0752 0x1678 clr_optimization_v2.0.50727_64 - ok 21:54:57.0809 0x1678 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:54:57.0828 0x1678 clr_optimization_v4.0.30319_32 - ok 21:54:57.0842 0x1678 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:54:57.0857 0x1678 clr_optimization_v4.0.30319_64 - ok 21:54:57.0882 0x1678 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:54:57.0893 0x1678 CmBatt - ok 21:54:57.0911 0x1678 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:54:57.0921 0x1678 cmdide - ok 21:54:57.0958 0x1678 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys 
ok 21:55:18.0840 0x1678 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:55:18.0871 0x1678 Psched - ok 21:55:18.0879 0x1678 qkseeService - ok 21:55:18.0931 0x1678 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:55:18.0981 0x1678 ql2300 - ok 21:55:18.0994 0x1678 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:55:19.0007 0x1678 ql40xx - ok 21:55:19.0033 0x1678 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:55:19.0053 0x1678 QWAVE - ok 21:55:19.0065 0x1678 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:55:19.0079 0x1678 QWAVEdrv - ok 21:55:19.0101 0x1678 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:55:19.0129 0x1678 RasAcd - ok 21:55:19.0162 0x1678 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:55:19.0192 0x1678 RasAgileVpn - ok 21:55:19.0209 0x1678 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:55:19.0241 0x1678 RasAuto - ok 21:55:19.0266 0x1678 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:55:19.0297 0x1678 Rasl2tp - ok 21:55:19.0320 0x1678 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] 
RasMan C:\Windows\System32\rasmans.dll 21:55:19.0357 0x1678 RasMan - ok 21:55:19.0371 0x1678 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:55:19.0401 0x1678 RasPppoe - ok 21:55:19.0426 0x1678 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:55:19.0457 0x1678 RasSstp - ok 21:55:19.0488 0x1678 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:55:19.0523 0x1678 rdbss - ok 21:55:19.0533 0x1678 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:55:19.0546 0x1678 rdpbus - ok 21:55:19.0556 0x1678 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:55:19.0585 0x1678 RDPCDD - ok 21:55:19.0611 0x1678 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:55:19.0625 0x1678 RDPDR - ok 21:55:19.0641 0x1678 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:55:19.0669 0x1678 RDPENCDD - ok 21:55:19.0681 0x1678 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:55:19.0710 0x1678 RDPREFMP - ok 21:55:19.0803 0x1678 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:55:19.0834 0x1678 RdpVideoMiniport - ok 21:55:19.0870 0x1678 [ 
FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:55:19.0896 0x1678 RDPWD - ok 21:55:19.0929 0x1678 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:55:19.0944 0x1678 rdyboost - ok 21:55:19.0967 0x1678 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:55:19.0998 0x1678 RemoteAccess - ok 21:55:20.0022 0x1678 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:55:20.0055 0x1678 RemoteRegistry - ok 21:55:20.0065 0x1678 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:55:20.0095 0x1678 RpcEptMapper - ok 21:55:20.0103 0x1678 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:55:20.0114 0x1678 RpcLocator - ok 21:55:20.0155 0x1678 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll 21:55:20.0176 0x1678 RpcSs - ok 21:55:20.0212 0x1678 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:55:20.0242 0x1678 rspndr - ok 21:55:20.0273 0x1678 [ B49DC435AE3695BAC5623DD94B05732D, D63160B09385ED31C2A479ADC5AFCA483906F38598874972025D680BDB45ECA0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:55:20.0299 0x1678 RTL8167 - ok 21:55:20.0324 0x1678 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 
21:55:20.0340 0x1678 s3cap - ok 21:55:20.0352 0x1678 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] SamSs C:\Windows\system32\lsass.exe 21:55:20.0362 0x1678 SamSs - ok 21:55:20.0379 0x1678 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:55:20.0392 0x1678 sbp2port - ok 21:55:20.0420 0x1678 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:55:20.0454 0x1678 SCardSvr - ok 21:55:20.0477 0x1678 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:55:20.0505 0x1678 scfilter - ok 21:55:20.0555 0x1678 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 21:55:20.0603 0x1678 Schedule - ok 21:55:20.0631 0x1678 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:55:20.0660 0x1678 SCPolicySvc - ok 21:55:20.0675 0x1678 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:55:20.0698 0x1678 SDRSVC - ok 21:55:20.0720 0x1678 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:55:20.0741 0x1678 secdrv - ok 21:55:20.0769 0x1678 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 21:55:20.0785 0x1678 seclogon - ok 21:55:21.0056 0x11e0 Object send P2P result: true 21:55:21.0144 0x1678 [ C32AB8FA018EF34C0F113BD501436D21, 
E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 21:55:21.0175 0x1678 SENS - ok 21:55:21.0186 0x1678 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:55:21.0207 0x1678 SensrSvc - ok 21:55:21.0233 0x1678 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:55:21.0257 0x1678 Serenum - ok 21:55:21.0277 0x1678 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:55:21.0297 0x1678 Serial - ok 21:55:21.0327 0x1678 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 21:55:21.0338 0x1678 sermouse - ok 21:55:21.0420 0x1678 [ 8C1F87F5FDD92229D1754B98F073913F, DF97A2B8C337E80998E93934CC616AD46A8853232AEB6EF456ABC5C174A3C301 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 21:55:21.0446 0x1678 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 ) 21:55:31.0543 0x1678 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 21:55:34.0715 0x1678 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:55:34.0756 0x1678 SessionEnv - ok 21:55:34.0777 0x1678 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:55:34.0791 0x1678 sffdisk - ok 21:55:34.0803 0x1678 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:55:34.0814 0x1678 sffp_mmc - ok 21:55:34.0828 0x1678 [ DD85B78243A19B59F0637DCF284DA63C, 
6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:55:34.0841 0x1678 sffp_sd - ok 21:55:34.0861 0x1678 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 21:55:34.0871 0x1678 sfloppy - ok 21:55:34.0909 0x1678 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:55:34.0947 0x1678 SharedAccess - ok 21:55:34.0974 0x1678 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:55:35.0011 0x1678 ShellHWDetection - ok 21:55:35.0023 0x1678 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:55:35.0034 0x1678 SiSRaid2 - ok 21:55:35.0047 0x1678 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 21:55:35.0059 0x1678 SiSRaid4 - ok 21:55:35.0078 0x1678 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:55:35.0109 0x1678 Smb - ok 21:55:35.0139 0x1678 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:55:35.0150 0x1678 SNMPTRAP - ok 21:55:35.0176 0x1678 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:55:35.0186 0x1678 spldr - ok 21:55:35.0224 0x1678 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:55:35.0259 0x1678 Spooler - ok 
21:55:35.0406 0x1678 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:55:35.0525 0x1678 sppsvc - ok 21:55:35.0555 0x1678 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:55:35.0586 0x1678 sppuinotify - ok 21:55:35.0621 0x1678 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:55:35.0648 0x1678 srv - ok 21:55:35.0670 0x1678 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:55:35.0690 0x1678 srv2 - ok 21:55:35.0709 0x1678 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:55:35.0722 0x1678 srvnet - ok 21:55:35.0740 0x1678 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:55:35.0774 0x1678 SSDPSRV - ok 21:55:35.0792 0x1678 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 21:55:35.0802 0x1678 SSPORT - ok 21:55:35.0833 0x1678 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:55:35.0864 0x1678 SstpSvc - ok 21:55:35.0880 0x1678 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 21:55:35.0890 0x1678 stexstor - ok 21:55:35.0940 0x1678 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:55:35.0970 0x1678 stisvc 
- ok 21:55:35.0996 0x1678 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:55:36.0007 0x1678 storflt - ok 21:55:36.0026 0x1678 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 21:55:36.0040 0x1678 StorSvc - ok 21:55:36.0051 0x1678 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:55:36.0062 0x1678 storvsc - ok 21:55:36.0073 0x1678 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 21:55:36.0083 0x1678 swenum - ok 21:55:36.0120 0x1678 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:55:36.0163 0x1678 swprv - ok 21:55:36.0266 0x1678 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 21:55:36.0333 0x1678 SysMain - ok 21:55:36.0364 0x1678 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:55:36.0380 0x1678 TabletInputService - ok 21:55:36.0404 0x1678 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:55:36.0440 0x1678 TapiSrv - ok 21:55:36.0538 0x1678 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:55:36.0598 0x1678 Tcpip - ok 21:55:36.0647 0x1678 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 
21:55:36.0699 0x1678 TCPIP6 - ok 21:55:36.0728 0x1678 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:55:36.0739 0x1678 tcpipreg - ok 21:55:36.0767 0x1678 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:55:36.0796 0x1678 TDPIPE - ok 21:55:36.0870 0x1678 [ 1226A953D4FDBDFD570DA5CEE66EAA55, 640922152493057519198A55373A82CD1C7DCF0C219F4ECE7D2C30363FFA1E86 ] TDslMgrService D:\Programme\DSL-Manager\DslMgrSvc.exe 21:55:36.0882 0x1678 TDslMgrService - detected UnsignedFile.Multi.Generic ( 1 ) 21:55:40.0707 0x1678 Detect skipped due to KSN trusted 21:55:40.0707 0x1678 TDslMgrService - ok 21:55:40.0736 0x1678 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:55:40.0767 0x1678 TDTCP - ok 21:55:40.0795 0x1678 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:55:40.0812 0x1678 tdx - ok 21:55:41.0073 0x1678 [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer D:\Programme\TeamViewer\TeamViewer_Service.exe 21:55:41.0231 0x1678 TeamViewer - ok 21:55:41.0277 0x1678 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 21:55:41.0309 0x1678 TermDD - ok 21:55:41.0356 0x1678 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 21:55:41.0391 0x1678 TermService - ok 21:55:41.0411 0x1678 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 
21:55:41.0427 0x1678 Themes - ok 21:55:41.0445 0x1678 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 21:55:41.0475 0x1678 THREADORDER - ok 21:55:41.0544 0x1678 [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 21:55:41.0576 0x1678 TomTomHOMEService - ok 21:55:41.0593 0x1678 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 21:55:41.0628 0x1678 TrkWks - ok 21:55:41.0676 0x1678 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:55:41.0729 0x1678 TrustedInstaller - ok 21:55:41.0760 0x1678 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:55:41.0771 0x1678 tssecsrv - ok 21:55:41.0812 0x1678 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:55:41.0830 0x1678 TsUsbFlt - ok 21:55:41.0931 0x1678 [ 2D6CE9EBBA184B84722C964A8DF46799, 7FFFCF97C0EB50F44EF2600B2EE2E2CA688C554FD696BCA6DB0A7F8A79EFFF76 ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe 21:55:41.0963 0x1678 TuneUp.Defrag - ok 21:55:42.0049 0x1678 [ 48E96687AF5FD4A622466FE3BCD09E67, 937B120BEE12EC9C31353C8EEFB041FCF6EFD2D276D5DB7311402B9B78E28F72 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe 21:55:42.0094 0x1678 TuneUp.UtilitiesSvc - ok 21:55:42.0118 0x1678 [ DCC94C51D27C7EC0DADECA8F64C94FCF, 90C978C2284C9BDE3EFA1124616D824E0C361C388293FA22DBC8C3B70C920574 ] TuneUpUtilitiesDrv C:\Program Files 
(x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys 21:55:42.0127 0x1678 TuneUpUtilitiesDrv - ok 21:55:42.0166 0x1678 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:55:42.0196 0x1678 tunnel - ok 21:55:42.0221 0x1678 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:55:42.0232 0x1678 uagp35 - ok 21:55:42.0268 0x1678 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:55:42.0303 0x1678 udfs - ok 21:55:42.0331 0x1678 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:55:42.0344 0x1678 UI0Detect - ok 21:55:42.0357 0x1678 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:55:42.0368 0x1678 uliagpkx - ok 21:55:42.0403 0x1678 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 21:55:42.0415 0x1678 umbus - ok 21:55:42.0428 0x1678 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:55:42.0438 0x1678 UmPass - ok 21:55:42.0458 0x1678 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 21:55:42.0474 0x1678 UmRdpService - ok 21:55:42.0500 0x1678 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 21:55:42.0538 0x1678 upnphost - ok 21:55:42.0571 0x1678 [ 4E93C8496359E97830C75AC36393654D, 
D0482257B019512D77484D92E4DEFEFE4FED53CB440ACB7AA879D6FD0574FA9A ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 21:55:42.0591 0x1678 upperdev - ok 21:55:42.0620 0x1678 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:55:42.0639 0x1678 usbaudio - ok 21:55:42.0664 0x1678 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:55:42.0676 0x1678 usbccgp - ok 21:55:42.0700 0x1678 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:55:42.0722 0x1678 usbcir - ok 21:55:42.0734 0x1678 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:55:42.0745 0x1678 usbehci - ok 21:55:42.0773 0x1678 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:55:42.0792 0x1678 usbhub - ok 21:55:42.0799 0x1678 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:55:42.0809 0x1678 usbohci - ok 21:55:42.0826 0x1678 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:55:42.0839 0x1678 usbprint - ok 21:55:42.0866 0x1678 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 21:55:42.0886 0x1678 usbscan - ok 21:55:42.0903 0x1678 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 21:55:42.0917 
0x1678 usbser - ok 21:55:42.0938 0x1678 [ 8844CB19A37B65E27049D4A7786726A9, 4D772174A320F02E2F87BDF8C6EBBFDE04C9763D3C21FE9557DE938521508A59 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 21:55:42.0958 0x1678 UsbserFilt - ok 21:55:42.0982 0x1678 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 21:55:42.0998 0x1678 USBSTOR - ok 21:55:43.0027 0x1678 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:55:43.0037 0x1678 usbuhci - ok 21:55:43.0064 0x1678 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:55:43.0078 0x1678 usbvideo - ok 21:55:43.0099 0x1678 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 21:55:43.0128 0x1678 UxSms - ok 21:55:43.0163 0x1678 [ 0FC48F15FF31DD1EEB85A7A4FD6FD043, 043C2123CBD489F4A2039A81181693E659BD69C852A381BEF118E5D995F7A946 ] UxTuneUp C:\Windows\System32\uxtuneup.dll 21:55:43.0172 0x1678 UxTuneUp - ok 21:55:43.0185 0x1678 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] VaultSvc C:\Windows\system32\lsass.exe 21:55:43.0195 0x1678 VaultSvc - ok 21:55:43.0210 0x1678 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:55:43.0221 0x1678 vdrvroot - ok 21:55:43.0252 0x1678 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 21:55:43.0294 0x1678 vds - ok 21:55:43.0313 0x1678 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga 
21:56:03.0706 0x1678 Waiting for KSN requests completion. In queue: 11
21:56:04.0706 0x1678 Waiting for KSN requests completion. In queue: 11
21:56:05.0706 0x1678 Waiting for KSN requests completion. In queue: 11
21:56:06.0727 0x1678 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
21:56:06.0732 0x1678 Win FW state via NFP2: enabled ( trusted )
21:56:09.0178 0x1678 ============================================================
21:56:09.0178 0x1678 Scan finished
21:56:09.0178 0x1678 ============================================================
21:56:09.0201 0x1788 Detected object count: 1
21:56:09.0201 0x1788 Actual detected object count: 1
21:56:42.0253 0x1788 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:42.0253 0x1788 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip |
15.04.2016, 21:00 | #5 |
| TDSS Killer
Code:
21:54:08.0434 0x0ed0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:54:12.0611 0x0ed0 ============================================================
21:54:12.0611 0x0ed0 Current date / time: 2016/04/15 21:54:12.0611
21:54:12.0611 0x0ed0 SystemInfo:
21:54:12.0611 0x0ed0
21:54:12.0611 0x0ed0 OS Version: 6.1.7601 ServicePack: 1.0
21:54:12.0611 0x0ed0 Product type: Workstation
21:54:12.0612 0x0ed0 ComputerName: FLORIAN-PC
21:54:12.0612 0x0ed0 UserName: Florian
21:54:12.0612 0x0ed0 Windows directory: C:\Windows
21:54:12.0612 0x0ed0 System windows directory: C:\Windows
21:54:12.0612 0x0ed0 Running under WOW64
21:54:12.0612 0x0ed0 Processor architecture: Intel x64
21:54:12.0612 0x0ed0 Number of processors: 4
21:54:12.0612 0x0ed0 Page size: 0x1000
21:54:12.0612 0x0ed0 Boot type: Normal boot
21:54:12.0612 0x0ed0 ============================================================
21:54:16.0082 0x0ed0 KLMD registered as C:\Windows\system32\drivers\05360176.sys
21:54:16.0326 0x0ed0 System UUID: {D68389A8-64DE-8436-DEB4-9C7DF45E0366}
21:54:16.0709 0x0ed0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:54:16.0725 0x0ed0 ============================================================
21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0:
21:54:16.0725 0x0ed0 MBR partitions:
21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x30D0E000
21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x30D40800, BlocksNum 0x20F58000
21:54:16.0725 0x0ed0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x51C98800, BlocksNum 0x22A6D800
21:54:16.0725 0x0ed0 ============================================================
21:54:16.0745 0x0ed0 C: <-> \Device\Harddisk0\DR0\Partition2
21:54:16.0776 0x0ed0 D: <-> \Device\Harddisk0\DR0\Partition3
21:54:16.0810 0x0ed0 E: <-> \Device\Harddisk0\DR0\Partition4
21:54:16.0811 0x0ed0 ============================================================
21:54:16.0811 0x0ed0 Initialize success
21:54:16.0811 0x0ed0 ============================================================
21:54:26.0526 0x1678 ============================================================
21:54:26.0526 0x1678 Scan started
21:54:26.0526 0x1678 Mode: Manual; SigCheck; TDLFS;
21:54:26.0526 0x1678 ============================================================
21:54:26.0527 0x1678 KSN ping started
21:54:44.0683 0x1678 KSN ping finished: true
21:54:45.0446 0x1678 ================ Scan system memory ========================
21:54:45.0446 0x1678 System memory - ok
21:54:45.0447 0x1678 ================ Scan services =============================
FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:55:00.0455 0x1678 FsDepends - ok 21:55:00.0471 0x1678 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:55:00.0484 0x1678 Fs_Rec - ok 21:55:00.0521 0x1678 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:55:00.0543 0x1678 fvevol - ok 21:55:00.0594 0x1678 [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5 C:\Windows\system32\DRIVERS\fwlanusb5.sys 21:55:00.0637 0x1678 fwlanusb5 - ok 21:55:00.0665 0x1678 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:55:00.0676 0x1678 gagp30kx - ok 21:55:00.0715 0x1678 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 21:55:00.0763 0x1678 gpsvc - ok 21:55:00.0864 0x1678 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:55:00.0899 0x1678 gupdate - ok 21:55:00.0915 0x1678 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:55:00.0929 0x1678 gupdatem - ok 21:55:00.0954 0x1678 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:55:00.0970 0x1678 gusvc - ok 21:55:00.0995 0x1678 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:55:01.0008 0x1678 hcw85cir - ok 
21:55:01.0047 0x1678 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:55:01.0084 0x1678 HDAudBus - ok 21:55:01.0096 0x1678 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:55:01.0109 0x1678 HidBatt - ok 21:55:01.0121 0x1678 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:55:01.0135 0x1678 HidBth - ok 21:55:01.0150 0x1678 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:55:01.0164 0x1678 HidIr - ok 21:55:01.0188 0x1678 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 21:55:01.0218 0x1678 hidserv - ok 21:55:01.0240 0x1678 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:55:01.0257 0x1678 HidUsb - ok 21:55:01.0281 0x1678 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:55:01.0311 0x1678 hkmsvc - ok 21:55:01.0332 0x1678 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:55:01.0360 0x1678 HomeGroupListener - ok 21:55:01.0386 0x1678 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:55:01.0401 0x1678 HomeGroupProvider - ok 21:55:01.0421 0x1678 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD 
C:\Windows\system32\drivers\HpSAMD.sys 21:55:01.0432 0x1678 HpSAMD - ok 21:55:01.0472 0x1678 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:55:01.0508 0x1678 HTTP - ok 21:55:01.0531 0x1678 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:55:01.0541 0x1678 hwpolicy - ok 21:55:01.0563 0x1678 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:55:01.0576 0x1678 i8042prt - ok 21:55:01.0617 0x1678 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:55:01.0638 0x1678 iaStorV - ok 21:55:01.0704 0x1678 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 21:55:01.0720 0x1678 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 21:55:06.0718 0x1678 Detect skipped due to KSN trusted 21:55:06.0719 0x1678 IDriverT - ok 21:55:06.0810 0x1678 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:55:06.0848 0x1678 idsvc - ok 21:55:06.0867 0x1678 IEEtwCollectorService - ok 21:55:06.0992 0x1678 [ 304EB246AA8035E25693BCFDC85B8C70, 6DD4B3454A491CA0BC028B1D2E390EB16331A0D0E39C9D19DAF8BA810D979ABB ] IhPul C:\Users\Florian\AppData\Roaming\TSv\TSvr.exe 21:55:07.0035 0x1678 IhPul - ok 21:55:07.0063 0x1678 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:55:07.0074 0x1678 iirsp - ok 21:55:07.0111 0x1678 
[ 755519F49906B73C1FE9CBBF75E347EA, 20FF0D235478C693AB0708DF040EDA2ED8D4856EFCACD0A0ABD25E49330810FC ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 21:55:07.0140 0x1678 IJPLMSVC - ok 21:55:07.0190 0x1678 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:55:07.0224 0x1678 IKEEXT - ok 21:55:07.0349 0x1678 [ EE64207F2F5C20BFE5F73DB2566C4601, 760874FA661EC86B25802BFC03E238EA2DCBB5AFD3444AC5101A0C3AD4D7BED9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:55:07.0409 0x1678 IntcAzAudAddService - ok 21:55:07.0439 0x1678 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:55:07.0449 0x1678 intelide - ok 21:55:07.0484 0x1678 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:55:07.0496 0x1678 intelppm - ok 21:55:07.0520 0x1678 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:55:07.0552 0x1678 IPBusEnum - ok 21:55:07.0572 0x1678 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:55:07.0601 0x1678 IpFilterDriver - ok 21:55:07.0630 0x1678 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:55:07.0655 0x1678 iphlpsvc - ok 21:55:07.0682 0x1678 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:55:07.0694 0x1678 IPMIDRV - ok 21:55:07.0706 0x1678 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] 
IPNAT C:\Windows\system32\drivers\ipnat.sys 21:55:07.0737 0x1678 IPNAT - ok 21:55:07.0766 0x1678 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:55:07.0803 0x1678 IRENUM - ok 21:55:07.0826 0x1678 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:55:07.0843 0x1678 isapnp - ok 21:55:07.0869 0x1678 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:55:07.0893 0x1678 iScsiPrt - ok 21:55:07.0902 0x1678 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:55:07.0913 0x1678 kbdclass - ok 21:55:07.0940 0x1678 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:55:07.0951 0x1678 kbdhid - ok 21:55:07.0961 0x1678 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] KeyIso C:\Windows\system32\lsass.exe 21:55:07.0971 0x1678 KeyIso - ok 21:55:07.0991 0x1678 [ B6C2FA7F5E5BC1A488A57C6344D29D64, 857245D664CF9ED8121E2087D73F85DA3FED721484DDC6B51AF6A344EC29A27F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:55:08.0004 0x1678 KSecDD - ok 21:55:08.0022 0x1678 [ FB4397DDCC732DB6A7B33B747C7EB708, AD8B9500AAE12C1507B982B74B86731BE75AFAC7F64538332A380AC43EDEC271 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:55:08.0035 0x1678 KSecPkg - ok 21:55:08.0053 0x1678 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:55:08.0082 0x1678 ksthunk - ok 21:55:08.0112 0x1678 [ 6AB66E16AA859232F64DEB66887A8C9C, 
5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:55:08.0150 0x1678 KtmRm - ok 21:55:08.0173 0x1678 [ F2B22DE6E0C4553D80C502635B573CC0, B5A3FCD3DC4D7994D7B3E8C699672EF4963BED7BC3AEEF072BCA77AD0954E29F ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys 21:55:08.0182 0x1678 L8042Kbd - ok 21:55:08.0212 0x1678 [ E78B48BA32E4F623CC8EBE80EAD9FA89, CD427D167059B377D01C574009CF6A2575B09A9C6C40C50C0AEA49208A33E40D ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys 21:55:08.0223 0x1678 L8042mou - ok 21:55:08.0269 0x1678 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 21:55:08.0303 0x1678 LanmanServer - ok 21:55:08.0329 0x1678 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:55:08.0361 0x1678 LanmanWorkstation - ok 21:55:08.0467 0x1678 [ 7447F069CE66633DAFA0B2DEEE7AF5BA, 9349A8BE5C08D178FBB55AF7BBF6801E7631A55DC8FA9FA6469E202D0C5B0CC4 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 21:55:08.0501 0x1678 LBTServ - ok 21:55:08.0528 0x1678 [ 0A7D6ED578D85F0C35353424EE3F5245, F1915D92519AB7146AAFD090DEDC6A98CFC19D8BD0960481B2397EFA5D53855C ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 21:55:08.0540 0x1678 LHidFilt - ok 21:55:08.0565 0x1678 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:55:08.0603 0x1678 lltdio - ok 21:55:08.0638 0x1678 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:55:08.0701 0x1678 lltdsvc - ok 21:55:08.0712 0x1678 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:55:08.0741 
0x1678 lmhosts - ok 21:55:08.0768 0x1678 [ 6542E2E6DB58118FBB1B82A68CE3AFF9, DFA36382F45282FE1161819F7F2316BA2DDC7E705A2A031626C803092E861F5A ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 21:55:08.0778 0x1678 LMouFilt - ok 21:55:08.0801 0x1678 [ A4A7E16A35E895F46095644F54AA4EF8, E2CF5B13DCE7DD38CB938C6B19882878459CC2DEC30D606798C1849B3AE2029A ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys 21:55:08.0812 0x1678 LMouKE - ok 21:55:08.0838 0x1678 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 21:55:08.0851 0x1678 LSI_FC - ok 21:55:08.0864 0x1678 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 21:55:08.0876 0x1678 LSI_SAS - ok 21:55:08.0887 0x1678 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:55:08.0898 0x1678 LSI_SAS2 - ok 21:55:08.0908 0x1678 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:55:08.0920 0x1678 LSI_SCSI - ok 21:55:08.0932 0x1678 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 21:55:08.0963 0x1678 luafv - ok 21:55:08.0992 0x1678 [ DA3494DF01C62D821911ED91CE5E1642, 6656DFB1F932A5BFAE4D5673DD817B3F70A0FDD6023B3DE6F8FB512D9995C8F0 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 21:55:09.0002 0x1678 LUsbFilt - ok 21:55:09.0027 0x1678 [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 21:55:09.0036 0x1678 LVPr2M64 - ok 21:55:09.0042 0x1678 [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F 
] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 21:55:09.0050 0x1678 LVPr2Mon - ok 21:55:09.0087 0x1678 [ A35679E56E78091E1042A2D7ADBF2958, F2282B697DCDD5767F65D99FEA374D3757C6133D42BD5A9C582C217619213290 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe 21:55:09.0122 0x1678 LVPrcS64 - ok 21:55:09.0150 0x1678 [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 21:55:09.0173 0x1678 LVRS64 - ok 21:55:09.0350 0x1678 [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 21:55:09.0482 0x1678 LVUVC64 - ok 21:55:09.0521 0x1678 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:55:09.0534 0x1678 Mcx2Svc - ok 21:55:09.0543 0x1678 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:55:09.0554 0x1678 megasas - ok 21:55:09.0583 0x1678 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:55:09.0600 0x1678 MegaSR - ok 21:55:09.0614 0x1678 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:55:09.0644 0x1678 MMCSS - ok 21:55:09.0659 0x1678 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:55:09.0688 0x1678 Modem - ok 21:55:09.0705 0x1678 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:55:09.0718 0x1678 monitor - ok 21:55:09.0750 0x1678 [ 7D27EA49F3C1F687D357E77A470AEA99, 
7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:55:09.0761 0x1678 mouclass - ok 21:55:09.0771 0x1678 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:55:09.0782 0x1678 mouhid - ok 21:55:09.0807 0x1678 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:55:09.0819 0x1678 mountmgr - ok 21:55:09.0904 0x1678 [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:55:09.0936 0x1678 MozillaMaintenance - ok 21:55:09.0955 0x1678 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:55:09.0972 0x1678 mpio - ok 21:55:09.0995 0x1678 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:55:10.0030 0x1678 mpsdrv - ok 21:55:10.0081 0x1678 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:55:10.0130 0x1678 MpsSvc - ok 21:55:10.0155 0x1678 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:55:10.0179 0x1678 MRxDAV - ok 21:55:10.0202 0x1678 [ ACEC16415275E1AD6F7983EF472810E3, E5017E157954F6C21AA66233FF2C1A6B1FF3E4685F26648A8A21F2B9718DD97C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:55:10.0230 0x1678 mrxsmb - ok 21:55:10.0252 0x1678 [ 0F276F2F2018296FABC7BD2BCCAAB40B, 378A36F7282EE9FFEC8A1D5783ECD0A428E0215B1774AAA166C5AA09B3C636F7 ] mrxsmb10 
C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:55:10.0269 0x1678 mrxsmb10 - ok 21:55:10.0284 0x1678 [ 1D4B7972375052F5B7877A6FD9BE33A0, B3FD235F6FE975F1869436ED1215913F0E8EB1123BB252FD221C35AB1121C3F5 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:55:10.0297 0x1678 mrxsmb20 - ok 21:55:10.0329 0x1678 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:55:10.0339 0x1678 msahci - ok 21:55:10.0365 0x1678 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:55:10.0378 0x1678 msdsm - ok 21:55:10.0388 0x1678 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:55:10.0403 0x1678 MSDTC - ok 21:55:10.0442 0x1678 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:55:10.0471 0x1678 Msfs - ok 21:55:10.0483 0x1678 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:55:10.0511 0x1678 mshidkmdf - ok 21:55:10.0528 0x1678 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:55:10.0538 0x1678 msisadrv - ok 21:55:10.0564 0x1678 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:55:10.0597 0x1678 MSiSCSI - ok 21:55:10.0601 0x1678 msiserver - ok 21:55:10.0620 0x1678 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:55:10.0648 0x1678 MSKSSRV - ok 21:55:10.0657 0x1678 [ BDD71ACE35A232104DDD349EE70E1AB3, 
27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:55:10.0686 0x1678 MSPCLOCK - ok 21:55:10.0692 0x1678 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:55:10.0720 0x1678 MSPQM - ok 21:55:10.0755 0x1678 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:55:10.0774 0x1678 MsRPC - ok 21:55:10.0797 0x1678 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:55:10.0808 0x1678 mssmbios - ok 21:55:10.0830 0x1678 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:55:10.0858 0x1678 MSTEE - ok 21:55:10.0873 0x1678 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:55:10.0883 0x1678 MTConfig - ok 21:55:10.0896 0x1678 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 21:55:10.0907 0x1678 Mup - ok 21:55:10.0925 0x1678 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 21:55:10.0965 0x1678 napagent - ok 21:55:11.0003 0x1678 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:55:11.0024 0x1678 NativeWifiP - ok 21:55:11.0064 0x1678 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:55:11.0099 0x1678 NDIS - ok 21:55:11.0114 0x1678 [ 
9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:55:11.0143 0x1678 NdisCap - ok 21:55:11.0171 0x1678 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:55:11.0199 0x1678 NdisTapi - ok 21:55:11.0226 0x1678 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:55:11.0254 0x1678 Ndisuio - ok 21:55:11.0282 0x1678 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:55:11.0313 0x1678 NdisWan - ok 21:55:11.0341 0x1678 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:55:11.0369 0x1678 NDProxy - ok 21:55:11.0495 0x1678 [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 21:55:11.0532 0x1678 Nero BackItUp Scheduler 4.0 - ok 21:55:11.0562 0x1678 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:55:11.0591 0x1678 NetBIOS - ok 21:55:11.0618 0x1678 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:55:11.0652 0x1678 NetBT - ok 21:55:11.0661 0x1678 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] Netlogon C:\Windows\system32\lsass.exe 21:55:11.0671 0x1678 Netlogon - ok 21:55:11.0703 0x1678 [ 847D3AE376C0817161A14A82C8922A9E, 
37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 21:55:11.0741 0x1678 Netman - ok 21:55:11.0783 0x1678 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:55:11.0799 0x1678 NetMsmqActivator - ok 21:55:11.0805 0x1678 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:55:11.0820 0x1678 NetPipeActivator - ok 21:55:11.0856 0x1678 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:55:11.0896 0x1678 netprofm - ok 21:55:11.0911 0x1678 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:55:11.0926 0x1678 NetTcpActivator - ok 21:55:11.0932 0x1678 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:55:11.0947 0x1678 NetTcpPortSharing - ok 21:55:11.0973 0x1678 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:55:11.0984 0x1678 nfrd960 - ok 21:55:12.0009 0x1678 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 21:55:12.0034 0x1678 NlaSvc - ok 21:55:12.0063 0x1678 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2, 7A3FA5B779CBBED46CA81328951B71352E4FC60153A91965877834EC7C6F0074 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 21:55:12.0092 0x1678 nmwcd - ok 21:55:12.0124 0x1678 [ 41C1AC1F3613435EB32D67BCB80A5FA5, 
C:\Windows\System32\WerSvc.dll 21:55:44.0834 0x1678 WerSvc - ok 21:55:44.0866 0x1678 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:55:44.0895 0x1678 WfpLwf - ok 21:55:44.0904 0x1678 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:55:44.0914 0x1678 WIMMount - ok 21:55:44.0939 0x1678 WinDefend - ok 21:55:44.0953 0x1678 WinHttpAutoProxySvc - ok 21:55:44.0994 0x1678 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:55:45.0028 0x1678 Winmgmt - ok 21:55:45.0109 0x1678 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 21:55:45.0182 0x1678 WinRM - ok 21:55:45.0230 0x1678 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 21:55:45.0243 0x1678 WinUsb - ok 21:55:45.0288 0x1678 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:55:45.0322 0x1678 Wlansvc - ok 21:55:45.0345 0x1678 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:55:45.0367 0x1678 WmiAcpi - ok 21:55:45.0394 0x1678 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:55:45.0410 0x1678 wmiApSrv - ok 21:55:45.0436 0x1678 WMPNetworkSvc - ok 21:55:45.0551 0x1678 [ 495284CF894336E9512ED7C9ACB3548E, 55D05E94B96F67C50662C4695267CB18994112D086CAED2E493469C7F133F2BE ] WOTUpdater C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe 
21:55:45.0567 0x1678 WOTUpdater - detected UnsignedFile.Multi.Generic ( 1 ) 21:55:54.0381 0x1678 Detect skipped due to KSN trusted 21:55:54.0382 0x1678 WOTUpdater - ok 21:55:54.0406 0x1678 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:55:54.0420 0x1678 WPCSvc - ok 21:55:54.0447 0x1678 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:55:54.0465 0x1678 WPDBusEnum - ok 21:55:54.0494 0x1678 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:55:54.0523 0x1678 ws2ifsl - ok 21:55:54.0537 0x1678 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 21:55:54.0553 0x1678 wscsvc - ok 21:55:54.0557 0x1678 WSearch - ok 21:55:54.0681 0x1678 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 21:55:54.0756 0x1678 wuauserv - ok 21:55:54.0783 0x1678 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:55:54.0800 0x1678 WudfPf - ok 21:55:54.0824 0x1678 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:55:54.0838 0x1678 WUDFRd - ok 21:55:54.0848 0x1678 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:55:54.0860 0x1678 wudfsvc - ok 21:55:54.0889 0x1678 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:55:54.0917 0x1678 
WwanSvc - ok 21:55:54.0934 0x1678 ================ Scan global =============================== 21:55:54.0961 0x1678 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:55:54.0985 0x1678 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll 21:55:54.0998 0x1678 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll 21:55:55.0023 0x1678 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:55:55.0072 0x1678 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:55:55.0088 0x1678 [ Global ] - ok 21:55:55.0088 0x1678 ================ Scan MBR ================================== 21:55:55.0097 0x1678 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:55:55.0401 0x1678 \Device\Harddisk0\DR0 - ok 21:55:55.0404 0x1678 ================ Scan VBR ================================== 21:55:55.0425 0x1678 [ 61FCAA32FAE9DB380BAEA9444AAB20D4 ] \Device\Harddisk0\DR0\Partition1 21:55:55.0490 0x1678 \Device\Harddisk0\DR0\Partition1 - ok 21:55:55.0506 0x1678 [ E3E5A808C463D0A55C6B7228ACF8A29F ] \Device\Harddisk0\DR0\Partition2 21:55:55.0547 0x1678 \Device\Harddisk0\DR0\Partition2 - ok 21:55:55.0566 0x1678 [ 1F10FAEF5E6F85087F1EF77FDF23D506 ] \Device\Harddisk0\DR0\Partition3 21:55:55.0568 0x1678 \Device\Harddisk0\DR0\Partition3 - ok 21:55:55.0589 0x1678 [ 653EAE94600EF7885E13B8A44A825A4B ] \Device\Harddisk0\DR0\Partition4 21:55:55.0591 0x1678 \Device\Harddisk0\DR0\Partition4 - ok 21:55:55.0591 0x1678 ================ Scan generic autorun ====================== 21:55:55.0903 0x1678 [ 08E5D3F98F80E5B7A2E965DFD42C4D21, 
EC4CE007E5B082CCC071B0C71CF6A5B9B479D794E90ECD93CA613ADDF8A6CB09 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:55:56.0116 0x1678 RtHDVCpl - ok 21:55:56.0242 0x1678 [ 9E5C525E4DC341980D1697C814BE3E43, 8696919240BBF644F0B9948878B4C7F948C53817D8EF15032841024348D8E859 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 21:55:56.0291 0x1678 EvtMgr6 - ok 21:55:56.0332 0x1678 [ BDBC72B396A524BCEF23F0DB4870C4F8, E44C8E182FF61DBADB4F0BF3DB2D7B46A3EB8324108E56381CA3BA327CA322E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 21:55:56.0339 0x1678 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 21:56:03.0705 0x1678 Detect skipped due to KSN trusted 21:56:03.0705 0x1678 StartCCC - ok 21:56:03.0706 0x1678 Waiting for KSN requests completion. In queue: 11 21:56:04.0706 0x1678 Waiting for KSN requests completion. In queue: 11 21:56:05.0706 0x1678 Waiting for KSN requests completion. In queue: 11 21:56:06.0727 0x1678 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated ) 21:56:06.0732 0x1678 Win FW state via NFP2: enabled ( trusted ) 21:56:09.0178 0x1678 ============================================================ 21:56:09.0178 0x1678 Scan finished 21:56:09.0178 0x1678 ============================================================ 21:56:09.0201 0x1788 Detected object count: 1 21:56:09.0201 0x1788 Actual detected object count: 1 21:56:42.0253 0x1788 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:42.0253 0x1788 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.04.2016, 15:33 | #6 | |
/// TB-Ausbilder | Problems with TR/Crypt.ZPACK.Gen9' Hi, in future please note: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, because our instructions are written for that. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please close your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
16.04.2016, 16:47 | #7 |
| Problems with TR/Crypt.ZPACK.Gen9' adw log
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.111 - Bericht erstellt am 16/04/2016 um 16:01:02
# Aktualisiert am 14/04/2016 von Xplode
# Datenbank : 2016-04-15.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Florian - FLORIAN-PC
# Gestartet von : C:\Users\Florian\Desktop\adwcleaner5111.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
Dienst gefunden : IhPul
Dienst gefunden : WdMan
Dienst gefunden : qkseeService
Dienst gefunden : BugreportW
***** [ Ordner ] *****
Ordner gefunden : C:\Program Files (x86)\WinZipper
Ordner gefunden : C:\Program Files (x86)\QQBrowser
Ordner gefunden : C:\Program Files (x86)\WinTsks
Ordner gefunden : C:\Program Files (x86)\SpeedSearchesbnd
Ordner gefunden : C:\Users\Florian\AppData\Roaming\eCyber
Ordner gefunden : C:\Users\Florian\AppData\Roaming\TSv
Ordner gefunden : C:\Users\Florian\AppData\Roaming\WinZiper
***** [ Dateien ] *****
Datei gefunden : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\extensions\linky@gemal.dk.xpi
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
Geplante Aufgabe gefunden : Browser Updater Task(Core)
Geplante Aufgabe gefunden : WinTsks
***** [ Registrierungsdatenbank ] *****
Schlüssel gefunden : HKCU\Software\madFlac
Schlüssel gefunden : HKLM\SOFTWARE\hdcode
Schlüssel gefunden : HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\madFlac
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3002 Bytes] - [09/04/2016 23:19:03]
C:\AdwCleaner\AdwCleaner[R0].txt - [1358 Bytes] - [31/05/2015 14:08:35]
C:\AdwCleaner\AdwCleaner[R1].txt - [1121 Bytes] - [16/08/2015 19:11:17]
C:\AdwCleaner\AdwCleaner[R2].txt - [1122 Bytes] - [16/08/2015 19:12:32]
C:\AdwCleaner\AdwCleaner[R3].txt - [3134 Bytes] - [17/09/2015 20:08:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1373 Bytes] - [31/05/2015 14:11:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [5318 Bytes] - [17/09/2015 20:10:30]
C:\AdwCleaner\AdwCleaner[S2].txt - [2115 Bytes] - [16/04/2016 16:01:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2188 Bytes] ##########
Code:
ATTFilter
mbam log
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 16.04.2016
Suchlaufzeit: 16:57
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2016.04.16.03
Rootkit-Datenbank: v2016.04.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Florian
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387490
Abgelaufene Zeit: 27 Min., 23 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter
jrt log
JRT Logfile:
FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Florian (Administrator) auf FLORIAN-PC (16-04-2016 17:40:39) Gestartet von C:\Users\Florian\Desktop Geladene Profile: Florian (Verfügbare Profile: Florian) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (Logitech, Inc.) 
C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Windows\Samsung\PanelMgr\caller64.exe () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () D:\Programme\RegCleaner\RegCleanr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\FdmBrowserHelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1609296 2010-06-26] (Logitech, Inc.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [696320 2011-11-18] () HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-24] (AVM Berlin) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2015-01-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-10-10] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{46A21199-6841-4D64-908B-2AC9386B247B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5F378C25-B3F5-4DAF-881C-E32CBBD8EF12}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> DefaultScope {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms} BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2016-03-16] (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: 
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870 FF Homepage: hxxp://www.t-online.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [Keine Datei] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-18] (Apple Inc.) 
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\ebay-kleinanzeigen-.xml [2014-08-23] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\myvideo.xml [2014-08-16] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\youtube.xml [2014-08-16] FF Extension: Avira Browser Safety - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\abs@avira.com [2016-04-13] FF Extension: German Dictionary - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-18] FF Extension: Block site - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-04] FF Extension: Add to Search Bar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-08-16] FF Extension: Classic Theme Restorer - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16] FF Extension: Snap Links Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2016-02-06] FF Extension: Video DownloadHelper - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-29] FF Extension: Hide Tab Bar With One Tab - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi [2014-08-16] FF Extension: Default - C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-14]
FF HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-04-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Florian\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [Datei ist nicht signiert]
S3 TDslMgrService; D:\Programme\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2010-10-27] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2010-09-30] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WOTUpdater; C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-08-24] (AVM Berlin)
S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [30208 2006-11-07] (AVM GmbH) [Datei ist nicht signiert]
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-24] (AVM GmbH)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 PciDumpr; C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2144 2001-01-26] () [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 17:40 - 2016-04-16 17:42 - 00020400 _____ C:\Users\Florian\Desktop\FRST.txt
2016-04-16 17:40 - 2015-09-17 20:27 - 02191360 _____ (Farbar) C:\Users\Florian\Desktop\FRST64.exe
2016-04-16 17:34 - 2016-04-16 17:34 - 00002152 _____ C:\Users\Florian\Desktop\JRT.txt
2016-04-16 17:28 - 2016-03-15 22:46 - 01610352 _____ (Malwarebytes) C:\Users\Florian\Desktop\JRT.exe
2016-04-16 17:27 - 2016-04-16 17:27 - 00001210 _____ C:\Users\Florian\Desktop\mbam.txt
2016-04-16 16:45 - 2016-04-16 16:44 - 00002251 _____ C:\Users\Florian\Desktop\AdwCleaner[S2].txt
2016-04-16 16:42 - 2016-04-15 18:33 - 03670016 _____ C:\Users\Florian\Desktop\adwcleaner5111.exe
2016-04-16 16:29 - 2016-04-16 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einsatzstellenverwaltung
2016-04-14 17:11 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-14 17:11 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-14 17:11 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-14 17:11 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-14 17:11 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-14 17:11 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-14 17:11 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-14 17:11 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-14 17:11 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-14 17:11 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-14 17:11 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-14 17:11 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-14 17:11 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-14 17:11 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-14 17:11 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-14 17:11 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-14 17:11 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-14 17:11 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-14 17:11 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-14 17:11 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-14 17:11 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-14 17:11 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-14 17:11 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-14 17:11 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-14 17:11 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-14 17:11 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-14 17:11 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-14 17:11 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-14 17:11 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-14 17:11 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-14 17:11 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-14 17:11 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-14 17:11 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-14 17:11 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-14 17:11 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-14 17:11 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-14 17:11 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-14 17:11 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-14 17:11 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-14 17:11 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-14 17:11 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-14 17:11 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-14 17:11 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-14 17:11 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-14 17:11 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-14 17:11 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-14 17:11 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-14 17:11 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-14 17:11 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-14 17:11 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-14 17:11 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-14 17:11 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-14 17:11 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-14 17:11 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-14 17:11 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-14 17:11 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-14 17:11 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-14 16:23 - 2016-04-14 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-13 20:08 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 20:08 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 20:08 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 20:08 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 20:08 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 20:08 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 20:08 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 20:08 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 20:08 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 20:08 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 20:08 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 20:08 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 20:08 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 20:08 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 20:08 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 20:08 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 20:08 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 20:08 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 20:08 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 20:08 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 20:08 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 20:08 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 20:08 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 20:08 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 20:08 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 20:08 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 20:08 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 20:08 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 20:08 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 20:08 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 20:08 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 20:08 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 20:08 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 20:08 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 20:08 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 20:08 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 20:08 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 20:08 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 20:08 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 20:08 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 20:08 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 20:08 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 20:08 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 20:08 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 20:08 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 20:08 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 20:08 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 20:08 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 20:08 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 20:08 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 20:08 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 20:08 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 20:08 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 20:08 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 20:02 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 20:02 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 20:02 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 20:02 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 19:41 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 19:41 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 19:41 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 19:03 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 19:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 19:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 19:03 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 18:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 18:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 18:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 18:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 18:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 18:43 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 18:43 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-09 22:50 - 2016-04-09 22:50 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2016-04-05 19:46 - 2016-04-05 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-26 15:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-26 15:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-26 15:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-26 15:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-26 15:07 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-26 15:07 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-26 15:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-26 15:06 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 17:41 - 2014-06-29 18:52 - 01339707 _____ C:\Windows\WindowsUpdate.log
2016-04-16 17:40 - 2015-05-31 14:15 - 00000000 ____D C:\FRST
2016-04-16 17:35 - 2014-10-05 19:31 - 01087488 _____ C:\Windows\PFRO.log
2016-04-16 17:35 - 2014-10-05 01:00 - 21638394 _____ C:\Windows\setupact.log
2016-04-16 17:35 - 2012-07-08 02:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-16 17:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 17:27 - 2010-05-09 13:35 - 00000000 ____D C:\Users\Florian
2016-04-16 17:25 - 2012-12-03 00:26 - 00000000 ____D C:\Users\Florian\.BH
2016-04-16 17:14 - 2010-05-12 21:21 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{61D97D25-2BEF-4AEC-A94F-510529E28523}
2016-04-16 17:09 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Feuerwehr und BRK
2016-04-16 16:56 - 2012-07-08 02:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-16 16:51 - 2014-08-24 22:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 16:46 - 2012-08-15 18:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-16 16:44 - 2015-05-31 14:08 - 00000000 ____D C:\AdwCleaner
2016-04-16 16:44 - 2014-12-14 01:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-16 16:42 - 2014-08-17 12:56 - 00019968 _____ C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-16 16:41 - 2013-11-17 22:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-16 16:18 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-04-16 16:18 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-04-16 16:18 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-16 16:16 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-16 16:16 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-16 15:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-15 22:40 - 2012-03-25 13:31 - 00054573 _____ C:\Users\Florian\Fahrtenbuch.ods
2016-04-15 22:38 - 2015-11-17 21:28 - 00065452 _____ C:\Users\Florian\Einausgaben.ods
2016-04-15 21:38 - 2010-05-13 17:52 - 01071616 ___SH C:\Users\Florian\Thumbs.db
2016-04-15 18:31 - 2012-09-09 17:34 - 00000000 ____D C:\Users\Florian\AppData\Local\CrashDumps
2016-04-15 16:18 - 2012-05-05 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 21:51 - 2009-07-14 06:45 - 00679312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 18:37 - 2014-12-12 16:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 17:24 - 2010-05-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-04-14 17:23 - 2013-07-18 15:49 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 17:16 - 2010-05-13 15:03 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-12 20:52 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Briefe
2016-04-12 20:42 - 2011-12-20 20:18 - 00000099 _____ C:\Users\Public\LMDebug.log
2016-04-12 20:40 - 2015-12-23 22:33 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Free Download Manager
2016-04-10 14:31 - 2010-05-14 00:41 - 00000000 ____D C:\Users\Florian\AppData\Roaming\VSO
2016-04-10 00:46 - 2016-03-05 14:49 - 00001865 _____ C:\Users\Public\Desktop\P-touch Editor 5.1.lnk
2016-04-10 00:46 - 2016-02-28 00:27 - 00001462 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-04-10 00:46 - 2015-12-25 13:36 - 00001098 _____ C:\Users\Florian\Desktop\Free Doanloadmanager.lnk
2016-04-10 00:46 - 2015-09-13 16:19 - 00001104 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-04-10 00:46 - 2015-09-09 19:07 - 00000676 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-04-10 00:46 - 2015-05-31 17:20 - 00000691 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-04-08 19:09 - 00001633 _____ C:\Users\Florian\Desktop\Avira.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 16:37 - 00000669 _____ C:\Users\Florian\Desktop\teXXas.lnk
2016-04-10 00:46 - 2014-12-16 21:43 - 00000684 _____ C:\Users\Florian\Desktop\VSO Image Resizer.lnk
2016-04-10 00:46 - 2014-11-23 16:26 - 00001244 _____ C:\Users\Florian\Desktop\mbar.exe -.lnk
2016-04-10 00:46 - 2014-08-13 01:18 - 00001618 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-04-10 00:46 - 2014-08-11 03:34 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-10 00:46 - 2014-03-23 19:54 - 00002206 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-04-10 00:46 - 2013-09-03 21:57 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-04-10 00:46 - 2013-01-12 04:41 - 00001103 _____ C:\Users\Florian\Desktop\Smart Panel.lnk
2016-04-10 00:46 - 2012-12-04 10:32 - 00001410 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk
2016-04-10 00:46 - 2012-12-03 00:26 - 00000786 _____ C:\Users\Florian\Desktop\BilderHerunterlader.lnk
2016-04-10 00:46 - 2012-04-15 21:11 - 00002084 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-10 00:46 - 2012-01-29 01:11 - 00001686 _____ C:\Users\Florian\Desktop\PhotoStudio.lnk
2016-04-10 00:46 - 2012-01-14 20:40 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Mozilla Firefox.lnk 2016-04-10 00:46 - 2012-01-14 20:40 - 00001859 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-10 00:46 - 2011-11-24 18:56 - 00000946 _____ C:\Users\Public\Desktop\Top50 V5 Viewer.lnk 2016-04-10 00:46 - 2011-10-08 22:32 - 00001744 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk 2016-04-10 00:46 - 2011-07-17 16:21 - 00002204 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk 2016-04-10 00:46 - 2010-11-07 23:34 - 00000673 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-10 00:46 - 2010-10-26 20:55 - 00002736 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk 2016-04-10 00:46 - 2010-05-30 04:04 - 00000632 _____ C:\Users\Florian\Desktop\RegCleaner.lnk 2016-04-10 00:46 - 2010-05-14 14:59 - 00000737 _____ C:\Users\Florian\Desktop\Cefic ERICards Offline.lnk 2016-04-10 00:46 - 2010-05-14 13:50 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk 2016-04-10 00:46 - 2010-05-14 13:50 - 00002163 _____ C:\Users\Public\Desktop\TuneUp Utilities.lnk 2016-04-10 00:46 - 2010-05-13 23:29 - 00000623 _____ C:\Users\Public\Desktop\LingoPad.lnk 2016-04-10 00:46 - 2010-05-13 20:54 - 00001143 _____ C:\Users\Florian\Desktop\Fahrtenbuch.lnk 2016-04-10 00:46 - 2010-05-12 20:06 - 00001816 _____ C:\Users\Florian\Desktop\Microsoft Office - Verknüpfung.lnk 2016-04-10 00:46 - 2010-05-10 19:07 - 00002093 _____ C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk 2016-04-10 00:46 - 2010-05-09 13:48 - 00001425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-10 00:46 - 2010-05-09 13:48 - 00001379 _____ C:\Users\Florian\Desktop\Internet Explorer (64-bit).lnk 2016-04-10 00:46 - 2010-05-09 13:35 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-04-10 00:46 - 2010-05-09 13:35 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-04-10 00:46 - 2010-05-09 12:42 - 00001179 _____ 
C:\Users\Public\Desktop\SpeedCommander.lnk 2016-04-10 00:46 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-04-10 00:46 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-04-10 00:46 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-04-10 00:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Performance 2016-04-09 20:13 - 2016-03-12 20:57 - 00000000 ____D C:\Users\Florian\Downloads\PSNV 2016-04-09 18:02 - 2012-10-31 20:42 - 00000000 ____D C:\Users\Florian\AppData\Roaming\vlc 2016-04-07 20:49 - 2012-08-15 18:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 20:49 - 2012-03-30 14:31 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-07 20:49 - 2012-01-14 20:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 22:34 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Verzeichnisse 2016-03-31 19:52 - 2014-01-06 03:51 - 00026204 _____ C:\Users\Florian\Haus Zählerstände Haus.ods 2016-03-29 15:39 - 2015-11-21 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-29 15:39 - 2010-05-13 22:39 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-29 15:38 - 2015-11-21 23:21 - 00097856 _____ (Oracle Corporation) 
C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-29 15:38 - 2015-08-30 13:31 - 00000000 ____D C:\Users\Florian\.oracle_jre_usage 2016-03-21 18:44 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Internet ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-05-28 19:58 - 2013-05-12 22:00 - 0000192 _____ () C:\Users\Florian\AppData\Roaming\default.rss 2010-05-28 19:58 - 2010-05-28 19:58 - 0000000 _____ () C:\Users\Florian\AppData\Roaming\downloads.m3u 2014-08-17 12:56 - 2016-04-16 16:42 - 0019968 _____ () C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-07-02 22:31 - 2010-07-02 22:32 - 0000333 _____ () C:\ProgramData\hpzinstall.log 2015-02-10 18:48 - 2015-02-10 18:48 - 0000366 _____ () C:\ProgramData\UpdStartupLog.log Einige Dateien in TEMP: ==================== C:\Users\Florian\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-29 16:29
==================== Ende von FRST.txt ============================ |
16.04.2016, 16:50 | #8 |
| Problems with TR/Crypt.ZPACK.Gen9' [CODE]frst log FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Florian (Administrator) auf FLORIAN-PC (16-04-2016 17:40:39) Gestartet von C:\Users\Florian\Desktop Geladene Profile: Florian (Verfügbare Profile: Florian) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (Logitech, Inc.) 
C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Windows\Samsung\PanelMgr\caller64.exe () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () D:\Programme\RegCleaner\RegCleanr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\FdmBrowserHelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1609296 2010-06-26] (Logitech, Inc.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [696320 2011-11-18] () HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-24] (AVM Berlin) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2015-01-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-10-10] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{46A21199-6841-4D64-908B-2AC9386B247B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5F378C25-B3F5-4DAF-881C-E32CBBD8EF12}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> DefaultScope {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms} BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2016-03-16] (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: 
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870 FF Homepage: hxxp://www.t-online.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [Keine Datei] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-18] (Apple Inc.) 
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\ebay-kleinanzeigen-.xml [2014-08-23] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\myvideo.xml [2014-08-16] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\youtube.xml [2014-08-16] FF Extension: Avira Browser Safety - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\abs@avira.com [2016-04-13] FF Extension: German Dictionary - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-18] FF Extension: Block site - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-04] FF Extension: Add to Search Bar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-08-16] FF Extension: Classic Theme Restorer - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16] FF Extension: Snap Links Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2016-02-06] FF Extension: Video DownloadHelper - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-29] FF Extension: Hide Tab Bar With One Tab - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi [2014-08-16] FF Extension: Default - C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-14] FF HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-04-05] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Florian\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] () S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [Datei ist nicht signiert] S3 TDslMgrService; D:\Programme\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert] R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2010-10-27] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2010-09-30] (TuneUp Software) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WOTUpdater; C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-08-24] (AVM Berlin) S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [30208 2006-11-07] (AVM GmbH) [Datei ist nicht signiert] R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. 
KG) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems) R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-24] (AVM GmbH) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 PciDumpr; C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2144 2001-01-26] () [Datei ist nicht signiert] R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-16 17:40 - 2016-04-16 17:42 - 00020400 _____ C:\Users\Florian\Desktop\FRST.txt 2016-04-16 17:40 - 2015-09-17 20:27 - 02191360 _____ (Farbar) C:\Users\Florian\Desktop\FRST64.exe 2016-04-16 17:34 - 2016-04-16 17:34 - 00002152 _____ C:\Users\Florian\Desktop\JRT.txt 2016-04-16 17:28 - 2016-03-15 22:46 - 01610352 _____ (Malwarebytes) C:\Users\Florian\Desktop\JRT.exe 2016-04-16 17:27 - 2016-04-16 17:27 - 00001210 _____ C:\Users\Florian\Desktop\mbam.txt 2016-04-16 16:45 - 2016-04-16 16:44 - 00002251 _____ C:\Users\Florian\Desktop\AdwCleaner[S2].txt 2016-04-16 16:42 - 2016-04-15 18:33 - 03670016 _____ C:\Users\Florian\Desktop\adwcleaner5111.exe 2016-04-16 16:29 - 2016-04-16 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einsatzstellenverwaltung 2016-04-14 17:11 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-14 17:11 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-14 17:11 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-14 17:11 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-14 17:11 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-14 17:11 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-14 17:11 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-14 17:11 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-14 17:11 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-14 17:11 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-14 17:11 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2016-04-14 17:11 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-14 17:11 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-14 17:11 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-14 17:11 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-14 17:11 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-14 17:11 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-14 17:11 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-14 17:11 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-14 17:11 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-04-14 17:11 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-14 17:11 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-14 17:11 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-14 17:11 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-14 17:11 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-14 17:11 - 2016-03-31 01:53 - 00496640 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-14 17:11 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-04-14 17:11 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-14 17:11 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-14 17:11 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-04-14 17:11 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-04-14 17:11 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-04-14 17:11 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-14 17:11 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-14 17:11 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-14 17:11 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-14 17:11 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2016-04-14 17:11 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-04-14 17:11 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-14 17:11 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-04-14 17:11 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-04-14 17:11 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-14 17:11 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-04-14 17:11 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-14 17:11 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-14 17:11 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-14 17:11 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-14 17:11 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-14 17:11 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-14 17:11 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-14 17:11 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-14 17:11 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2016-04-14 17:11 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-14 16:23 - 2016-04-14 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-13 20:08 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 20:08 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-13 20:08 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 20:08 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-13 20:08 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 20:08 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 20:08 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 
2016-04-13 20:08 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-13 20:08 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 20:08 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 20:08 - 2016-03-18 
00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 20:08 
- 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 
- 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 20:08 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 20:08 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 20:08 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 
2016-04-13 20:08 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 20:08 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 20:08 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 20:08 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 20:08 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 20:08 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 20:08 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 20:08 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 20:08 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 20:08 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00014336 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 20:08 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 20:08 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 19:41 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 19:03 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 19:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 19:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 19:03 
- 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 18:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-13 18:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-13 18:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-13 18:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-13 18:43 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-13 18:43 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-04-09 22:50 - 2016-04-09 22:50 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\Program Files (x86)\Free Download Manager 2016-04-05 19:46 - 2016-04-05 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-03-26 15:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-03-26 15:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-03-26 15:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-03-26 15:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) 
C:\Windows\system32\rpcss.dll
2016-03-26 15:07 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-26 15:07 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-26 15:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-26 15:06 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 17:41 - 2014-06-29 18:52 - 01339707 _____ C:\Windows\WindowsUpdate.log 2016-04-16 17:40 - 2015-05-31 14:15 - 00000000 ____D C:\FRST 2016-04-16 17:35 - 2014-10-05 19:31 - 01087488 _____ C:\Windows\PFRO.log 2016-04-16 17:35 - 2014-10-05 01:00 - 21638394 _____ C:\Windows\setupact.log 2016-04-16 17:35 - 2012-07-08 02:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-16 17:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-16 17:27 - 2010-05-09 13:35 - 00000000 ____D C:\Users\Florian 2016-04-16 17:25 - 2012-12-03 00:26 - 00000000 ____D C:\Users\Florian\.BH 2016-04-16 17:14 - 2010-05-12 21:21 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{61D97D25-2BEF-4AEC-A94F-510529E28523} 2016-04-16 17:09 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Feuerwehr und BRK 2016-04-16 16:56 - 2012-07-08 02:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-16 16:51 - 2014-08-24 22:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-16 16:46 - 2012-08-15 18:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-16 16:44 - 2015-05-31 14:08 - 00000000 ____D C:\AdwCleaner 2016-04-16 16:44 - 2014-12-14 01:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-16 16:42 - 2014-08-17 12:56 - 00019968 _____ C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-16 16:41 - 2013-11-17 22:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-04-16 16:18 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat 2016-04-16 16:18 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat 2016-04-16 16:18 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-16 16:16 - 2009-07-14 06:45 - 00026384 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-16 16:16 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-16 15:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-04-15 22:40 - 2012-03-25 13:31 - 00054573 _____ C:\Users\Florian\Fahrtenbuch.ods 2016-04-15 22:38 - 2015-11-17 21:28 - 00065452 _____ C:\Users\Florian\Einausgaben.ods 2016-04-15 21:38 - 2010-05-13 17:52 - 01071616 ___SH C:\Users\Florian\Thumbs.db 2016-04-15 18:31 - 2012-09-09 17:34 - 00000000 ____D C:\Users\Florian\AppData\Local\CrashDumps 2016-04-15 16:18 - 2012-05-05 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-14 21:51 - 2009-07-14 06:45 - 00679312 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-14 18:37 - 2014-12-12 16:12 - 00000000 ____D C:\Windows\system32\appraiser 2016-04-14 17:24 - 2010-05-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-04-14 17:23 - 2013-07-18 15:49 - 00000000 ____D C:\Windows\system32\MRT 2016-04-14 17:16 - 2010-05-13 15:03 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-04-12 20:52 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Briefe 2016-04-12 20:42 - 2011-12-20 20:18 - 00000099 _____ C:\Users\Public\LMDebug.log 2016-04-12 20:40 - 2015-12-23 22:33 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Free Download Manager 2016-04-10 14:31 - 2010-05-14 00:41 - 00000000 ____D C:\Users\Florian\AppData\Roaming\VSO 2016-04-10 00:46 - 2016-03-05 14:49 - 00001865 _____ C:\Users\Public\Desktop\P-touch Editor 5.1.lnk 2016-04-10 00:46 - 2016-02-28 00:27 - 00001462 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk 2016-04-10 00:46 - 2015-12-25 13:36 - 00001098 _____ C:\Users\Florian\Desktop\Free Doanloadmanager.lnk 2016-04-10 00:46 - 2015-09-13 16:19 - 00001104 _____ C:\Users\Public\Desktop\Picasa 3.lnk 2016-04-10 00:46 - 2015-09-09 19:07 - 
00000676 _____ C:\Users\Public\Desktop\IrfanView.lnk 2016-04-10 00:46 - 2015-05-31 17:20 - 00000691 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk 2016-04-10 00:46 - 2015-05-16 01:20 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-04-10 00:46 - 2015-05-16 01:20 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-04-10 00:46 - 2015-04-08 19:09 - 00001633 _____ C:\Users\Florian\Desktop\Avira.lnk 2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2016-04-10 00:46 - 2014-12-28 16:37 - 00000669 _____ C:\Users\Florian\Desktop\teXXas.lnk 2016-04-10 00:46 - 2014-12-16 21:43 - 00000684 _____ C:\Users\Florian\Desktop\VSO Image Resizer.lnk 2016-04-10 00:46 - 2014-11-23 16:26 - 00001244 _____ C:\Users\Florian\Desktop\mbar.exe -.lnk 2016-04-10 00:46 - 2014-08-13 01:18 - 00001618 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk 2016-04-10 00:46 - 2014-08-11 03:34 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-04-10 00:46 - 2014-03-23 19:54 - 00002206 _____ C:\Users\Public\Desktop\Google Earth.lnk 2016-04-10 00:46 - 2013-09-03 21:57 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk 2016-04-10 00:46 - 2013-01-12 04:41 - 00001103 _____ C:\Users\Florian\Desktop\Smart Panel.lnk 2016-04-10 00:46 - 2012-12-04 10:32 - 00001410 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk 2016-04-10 00:46 - 2012-12-03 00:26 - 00000786 _____ C:\Users\Florian\Desktop\BilderHerunterlader.lnk 2016-04-10 00:46 - 2012-04-15 21:11 - 00002084 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2016-04-10 00:46 - 2012-01-29 01:11 - 00001686 _____ C:\Users\Florian\Desktop\PhotoStudio.lnk 2016-04-10 00:46 - 2012-01-14 20:40 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Mozilla Firefox.lnk 2016-04-10 00:46 - 2012-01-14 20:40 - 00001859 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-10 00:46 - 2011-11-24 18:56 - 00000946 _____ C:\Users\Public\Desktop\Top50 V5 Viewer.lnk 2016-04-10 00:46 - 2011-10-08 22:32 - 00001744 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk 2016-04-10 00:46 - 2011-07-17 16:21 - 00002204 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk 2016-04-10 00:46 - 2010-11-07 23:34 - 00000673 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-10 00:46 - 2010-10-26 20:55 - 00002736 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk 2016-04-10 00:46 - 2010-05-30 04:04 - 00000632 _____ C:\Users\Florian\Desktop\RegCleaner.lnk 2016-04-10 00:46 - 2010-05-14 14:59 - 00000737 _____ C:\Users\Florian\Desktop\Cefic ERICards Offline.lnk 2016-04-10 00:46 - 2010-05-14 13:50 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk 2016-04-10 00:46 - 2010-05-14 13:50 - 00002163 _____ C:\Users\Public\Desktop\TuneUp Utilities.lnk 2016-04-10 00:46 - 2010-05-13 23:29 - 00000623 _____ C:\Users\Public\Desktop\LingoPad.lnk 2016-04-10 00:46 - 2010-05-13 20:54 - 00001143 _____ C:\Users\Florian\Desktop\Fahrtenbuch.lnk 2016-04-10 00:46 - 2010-05-12 20:06 - 00001816 _____ C:\Users\Florian\Desktop\Microsoft Office - Verknüpfung.lnk 2016-04-10 00:46 - 2010-05-10 19:07 - 00002093 _____ C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk 2016-04-10 00:46 - 2010-05-09 13:48 - 00001425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-10 00:46 - 2010-05-09 13:48 - 00001379 _____ C:\Users\Florian\Desktop\Internet Explorer (64-bit).lnk 2016-04-10 00:46 - 2010-05-09 13:35 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-04-10 00:46 - 2010-05-09 13:35 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-04-10 00:46 - 2010-05-09 12:42 - 00001179 _____ 
C:\Users\Public\Desktop\SpeedCommander.lnk 2016-04-10 00:46 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-04-10 00:46 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-04-10 00:46 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-04-10 00:46 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-04-10 00:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Performance 2016-04-09 20:13 - 2016-03-12 20:57 - 00000000 ____D C:\Users\Florian\Downloads\PSNV 2016-04-09 18:02 - 2012-10-31 20:42 - 00000000 ____D C:\Users\Florian\AppData\Roaming\vlc 2016-04-07 20:49 - 2012-08-15 18:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 20:49 - 2012-03-30 14:31 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-07 20:49 - 2012-01-14 20:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 22:34 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Verzeichnisse 2016-03-31 19:52 - 2014-01-06 03:51 - 00026204 _____ C:\Users\Florian\Haus Zählerstände Haus.ods 2016-03-29 15:39 - 2015-11-21 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-29 15:39 - 2010-05-13 22:39 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-29 15:38 - 2015-11-21 23:21 - 00097856 _____ (Oracle Corporation) 
C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-29 15:38 - 2015-08-30 13:31 - 00000000 ____D C:\Users\Florian\.oracle_jre_usage 2016-03-21 18:44 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Internet ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-05-28 19:58 - 2013-05-12 22:00 - 0000192 _____ () C:\Users\Florian\AppData\Roaming\default.rss 2010-05-28 19:58 - 2010-05-28 19:58 - 0000000 _____ () C:\Users\Florian\AppData\Roaming\downloads.m3u 2014-08-17 12:56 - 2016-04-16 16:42 - 0019968 _____ () C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-07-02 22:31 - 2010-07-02 22:32 - 0000333 _____ () C:\ProgramData\hpzinstall.log 2015-02-10 18:48 - 2015-02-10 18:48 - 0000366 _____ () C:\ProgramData\UpdStartupLog.log Einige Dateien in TEMP: ==================== C:\Users\Florian\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-29 16:29

==================== Ende von FRST.txt ============================

Addition.txt
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Florian (2016-04-16 17:42:40)
Gestartet von C:\Users\Florian\Desktop
Windows 7 Professional Service Pack 1 (X64) (2010-05-09 11:47:54)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2977951965-3881512990-2941591932-500 - Administrator - Disabled)
Florian (S-1-5-21-2977951965-3881512990-2941591932-1001 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-2977951965-3881512990-2941591932-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2977951965-3881512990-2941591932-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft) ATI AVIVO64 Codecs (Version: 10.10.0.40918 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{B85D868D-1415-FDA5-8DB9-D4D457080885}) (Version: 3.0.745.0 - ATI Technologies, Inc.) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. 
KG) Hidden AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) BilderHerunterlader 3.6.6 (HKLM-x32\...\BilderHerunterlader) (Version: - ) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.) Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0500 - Brother Industries, Ltd.) Brother P-touch Update Software (HKLM-x32\...\{42036760-2DA4-43C4-A48A-9F90A0F1FA0E}) (Version: 1.0.0060 - Brother Industries, Ltd.) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon iP3300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300) (Version: - ) Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version: - ) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version: - ) ccc-core-static (x32 Version: 2009.0918.2132.36825 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) CDex extraction audio (HKLM-x32\...\CDex) (Version: - ) Cefic ERICards Offline (Remove only) (HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Ericards.NET) (Version: 3.6.0.0 - Pharox Automatisering B.V.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2312.02 - CyberLink Corp.) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. 
KGaA) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - ) Einsatzstellenverwaltung (HKLM-x32\...\{2E430614-135D-47F8-A6BB-5095871A0C14}_is1) (Version: 1.1.1 - ) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) Geogrid®-Viewer (x32 Version: 6.30.0000 - EADS Deutschland GmbH) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation) Logitech Motion Detector Gadget (HKLM\...\{5FCF5515-4CC4-4812-8C9A-755336AB85F8}) (Version: 1.00.1082 - Ihr Firmenname) Logitech SetPoint 6.15 (HKLM\...\SP6) (Version: 6.15.25 - Logitech) Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) 
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSI to redistribute MS 
VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 (HKLM-x32\...\{e0b22685-7d0a-4754-91a5-71a010985185}) (Version: - Nero AG) NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts) Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia) Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia) Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.) Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: __VERSION__ - Samsung Electronics Co., Ltd.) 
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden SpeedCommander 10 (HKLM-x32\...\SpeedCommander 10) (Version: 10.0 - SpeedProject) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH) TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Top50 V5 Viewer (HKLM-x32\...\{6594F5B0-350C-42AC-A613-F980B88BDB64}) (Version: 6.30.0000 - EADS Deutschland GmbH) TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.4700.21 - TuneUp Software) TuneUp Utilities (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - 
Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia) Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 26-03-2016 15:08:00 Windows Update 03-04-2016 17:51:40 Geplanter Prüfpunkt 09-04-2016 23:05:33 JRT Pre-Junkware Removal 09-04-2016 23:26:05 JRT Pre-Junkware Removal 14-04-2016 17:12:17 Windows Update 16-04-2016 17:33:11 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2012-02-03 14:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {3501A96D-7D76-49A6-89C1-9D4CC5A594BD} - System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} => Firefox.exe Task: {456917AC-305D-4750-9A8A-97CE3358DACB} - System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} => Firefox.exe Task: {5FD73834-A7DE-4B77-B7F2-A9210C61A21F} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {601D5388-3E87-4821-B528-5EAAB4552D9E} - System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} => Firefox.exe Task: {6AACC338-2AEB-415A-AA0F-6EECC5CE3888} - System32\Tasks\{17CD3FDE-47B6-4A20-B087-66B52DE14763} => pcalua.exe -a "C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67QQDUW5\Firefox%20Setup%203.6.3[1].exe" -d C:\Users\Florian\Desktop Task: {72E115C5-3CFC-4168-B3C3-D857A10673FA} - System32\Tasks\{8BDA699B-E140-4568-84AA-41BE9AA72E88} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Task: {827EDDF5-D8A3-4686-8C59-C02451199847} - System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} => Firefox.exe Task: {9AFD6482-4085-46DA-846A-924CE896EEED} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-04-04] (Microsoft Corporation) Task: {9EB6674B-35E0-4123-9297-50E920CF9ADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) 
Task: {A0B7EF38-F73B-4138-8877-B6807C9F13FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {A49D49B1-54EF-4D1C-A80E-13C0679F0D60} - System32\Tasks\{B27A2FA5-871D-43E6-959B-C24082C225B7} => pcalua.exe -a C:\Users\Florian\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 Task: {A4B1FEF0-AC9E-458B-A51E-B56A120387D9} - System32\Tasks\{55D49C19-D136-4A82-BB84-2687B47C5BF1} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {AA24DB11-CA45-423B-BCC5-855FF7D8B0F4} - System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} => Firefox.exe Task: {AFD7E2E9-2406-488E-B25F-A63F88F68986} - System32\Tasks\Amazon Music Helper => C:\Users\Florian\AppData\Local\Amazon Music\Amazon Music Helper.exe Task: {B1BC65B8-59E2-46BC-99F4-A0CC526EA5C8} - System32\Tasks\{8A8F8A70-821C-407C-81ED-A9EE9E8BA180} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.155.259/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2 Task: {B37247B5-5BD7-40C4-9D77-6C7F85F15DF1} - System32\Tasks\{A805A452-D41C-4266-AE6F-CEBC6B821C20} => D:\Programme\Nettalk6\Nettalk.exe Task: {D9DE150F-7E85-41AD-8A1C-D828CD6ABA37} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {DE071E9B-54DC-424D-A665-E50F611ED24C} - System32\Tasks\{DCBA626F-B7C2-4F6F-A3F9-2EF5298B50F1} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Task: {EF24CC43-F11C-4642-9E0D-DC1B69C83436} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {F00DBBA9-811A-4C49-B924-3DB7864C713E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] 
(Adobe Systems Incorporated) Task: {F2BD1B92-FC98-4834-A091-8B040C1021E2} - System32\Tasks\{6A91AEF7-FE4B-4F0C-A8BF-51DB259DA302} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-01-12 04:54 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2011-04-14 03:41 - 2011-04-14 03:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll 2011-04-14 03:40 - 2011-04-14 04:40 - 00968192 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssb3mdu.dll 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll 2013-03-09 19:36 - 2011-11-18 12:22 - 00696320 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2013-03-09 19:36 - 2009-11-19 11:15 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe 2012-01-12 12:23 - 2012-01-12 12:23 - 00018432 _____ () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe 2009-08-28 16:08 - 2009-08-28 16:08 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-09 13:38 - 2010-05-09 13:38 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-05-30 04:04 - 2010-05-30 04:04 - 00773632 _____ () D:\Programme\RegCleaner\RegCleanr.exe 2016-04-07 20:49 - 2016-04-07 20:49 - 19403968 _____ () 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll 2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () D:\Programme\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () D:\Programme\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () D:\Programme\FileZilla FTP Client\libstdc++-6.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: QuickTime Task => "D:\Multimediaprogramme\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{E5948720-B8D6-4ED3-B47F-1AFEDB415AA6}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [UDP Query User{56DD4C5A-C883-4E08-AF52-375D5A2908FC}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [{76E0C865-777C-4504-9C6A-AF8A653A0E39}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [TCP Query User{D753B374-D945-4A8F-8C3C-87E76CB922FD}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{872A5183-5A00-44B5-A009-A81A28819095}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [{43F4A700-4296-449B-817F-39ED1CC5C158}] => (Allow) C:\Program Files 
(x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{BED8EC39-0A3F-48FA-A26D-B39180EC8985}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{3D77DDA7-F34B-4053-A85E-40B11F5BCCF2}] => (Allow) LPort=10322 FirewallRules: [{C1753386-2CC7-4375-A877-1998D3FBEDDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{A44098AF-A4C6-4FBC-8660-D0278BEAD038}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{783591B1-989A-4286-B9E1-06630C693AC4}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{6D35A44B-DF4D-4ECF-A042-70ACDB0594DE}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{D9EFEE21-124F-485C-ADF6-F471E94C3DCC}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{539AA981-7F26-4D11-8F51-BB0E08DB1E1D}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [UDP Query User{3BF76468-5C52-4B2E-906C-379A4808338E}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [{F3E3340A-09ED-415A-9D69-999DABA6D722}] => (Allow) F:\fsetup.exe FirewallRules: [{4B3E6583-2402-450B-8B66-3403B89A2188}] => (Allow) F:\fsetup.exe FirewallRules: [{3981521D-D430-42D0-B40C-2273E8B4D8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F4F2AED0-4844-4D0E-B055-8244C85E7091}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: 
[{7B153A05-8D17-4205-8B08-DAB3B07AEB59}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{58DB1A85-233D-4DAF-8215-7EC0E75BB11A}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{F2F7DF84-35B0-44CC-8C45-4327AC725A90}] => (Allow) LPort=49167 FirewallRules: [{1DA9FD06-4467-4B1B-8682-15DFED9C1063}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{306072D2-B2D8-45C1-B8E9-A5F6F1408FE5}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [UDP Query User{6692AE2D-63F4-4306-BB80-0443B5910AE6}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [{BE2BA043-F600-436B-97EC-DC5850F7C0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF2F48C3-CF8E-4A7E-9110-D0956C7182C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{93B0E5FE-F24B-407C-8189-AC74C874AB45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{9020114B-8B5B-422A-A967-E5EBCB194373}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7E88D983-C887-4AD2-829A-55380B0140AF}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe FirewallRules: [{2EDE3AB8-6031-4436-8584-8CF9349AB204}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe FirewallRules: [{F632A110-A0B2-4F8F-9164-7C8515A0DAF7}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe FirewallRules: [{72B18DF3-4E01-458A-882F-6D7128F1ADAB}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe FirewallRules: [{EC8CA683-542D-42C6-91DD-3898AB9AA484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5CE63752-E130-4DF8-92A2-A5D0B90E282F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query 
User{6AD824F9-676C-48C1-B53D-0CA08EC3946C}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe FirewallRules: [UDP Query User{CD0AAA2A-E2C7-41D5-AE1F-0721AEB570F8}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/16/2016 05:36:13 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2016 05:34:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0x844 Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Error: (04/16/2016 04:09:23 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/16/2016 04:08:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2016 04:04:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/16/2016 12:55:22 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/15/2016 06:29:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 5.0.5.2, Zeitstempel: 0x56b49618 Name des fehlerhaften Moduls: msci_uno.dll, Version: 5.0.5.2, Zeitstempel: 0x56b47b91 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c224 ID des fehlerhaften Prozesses: 0xeb4 Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0 Pfad der fehlerhaften Anwendung: soffice.bin1 Pfad des fehlerhaften Moduls: soffice.bin2 Berichtskennung: soffice.bin3 Error: (04/15/2016 06:11:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/15/2016 05:30:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: qkseeSvc.exe, Version: 3.1.0.0, Zeitstempel: 0x570e061e Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000024 ID des fehlerhaften Prozesses: 0x1bc Startzeit der fehlerhaften Anwendung: 0xqkseeSvc.exe0 Pfad der fehlerhaften Anwendung: qkseeSvc.exe1 Pfad des fehlerhaften Moduls: qkseeSvc.exe2 Berichtskennung: qkseeSvc.exe3 Error: (04/15/2016 04:19:15 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Systemfehler: ============= Error: (04/16/2016 05:36:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (04/16/2016 05:34:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (04/16/2016 04:08:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (04/16/2016 04:04:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (04/16/2016 04:04:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (04/16/2016 04:04:09 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F} Error: (04/16/2016 04:04:09 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF} Error: (04/16/2016 04:04:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (04/16/2016 04:04:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (04/16/2016 04:04:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 CodeIntegrity: =================================== Date: 2012-04-30 01:42:14.389 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, 
weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:14.311 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:12.845 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:12.767 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:10.598 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:10.520 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:41:34.141 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:41:34.063 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-02-03 13:45:55.746 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-02-03 13:45:55.684 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: AMD Athlon(tm) II X4 630 Processor Prozentuale Nutzung des RAM: 56% Installierter physikalischer RAM: 4095.24 MB Verfügbarer physikalischer RAM: 1774.6 MB Summe virtueller Speicher: 8188.67 MB Verfügbarer virtueller Speicher: 5794.18 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:390.53 GB) (Free:269.76 GB) NTFS Drive d: (Daten) (Fixed) (Total:263.67 GB) (Free:250.65 GB) NTFS Drive e: (Medien) (Fixed) (Total:277.21 GB) (Free:247.15 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E274FB94) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=263.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=277.2 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
16.04.2016, 16:53 | #9 |
| Problems with TR/Crypt.ZPACK.Gen9' duplicate Edited by schaule (16.04.2016 at 16:55) Reason: included twice |
16.04.2016, 20:06 | #10 |
/// TB-Ausbilder | Problems with TR/Crypt.ZPACK.Gen9' Hi, let's track down any remnants that may still be present: Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)
|
16.04.2016, 20:20 | #11 |
| Problems with TR/Crypt.ZPACK.Gen9' Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 21:16 on 16/04/2016 by Florian Administrator - Elevation successful ========== regfind ========== Searching for "WinZipper" No data found. Searching for "QQBrowser" No data found. Searching for "WinTsks" No data found. Searching for "SpeedSearchesbnd" No data found. Searching for "eCyber" No data found. Searching for "WinZiper" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\winzipersvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\winzipersvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc] Searching for "qksee" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @="qkseeViewer.ico" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg 2000\UserChoice] @="qkseeViewer.jpeg" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg 2000] @="qkseeViewer.jpeg" [HKEY_USERS\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @="qkseeViewer.ico" [HKEY_USERS\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg 2000\UserChoice] @="qkseeViewer.jpeg" Searching for "WdMan" No data found. -= EOF =- |
17.04.2016, 11:01 | #12 |
/// TB-Ausbilder | Problems with TR/Crypt.ZPACK.Gen9' Hi, let's remove the last remnants and check everything once more. Note: The scan with ESET can take a while. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter start CloseProcesses: HKLM-x32\...\Run: [] => [X] DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc CMD: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice" /ve /f CMD: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg 2000\UserChoice" /ve /f CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg 2000" /ve /f Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2015-01-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-10-10] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll" CMD: type C:\Windows\System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} CMD: type C:\Windows\System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} CMD: type C:\Windows\System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} CMD: type C:\Windows\System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} CMD: type C:\Windows\System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} Task: {3501A96D-7D76-49A6-89C1-9D4CC5A594BD} - System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} => Firefox.exe Task: {456917AC-305D-4750-9A8A-97CE3358DACB} - 
System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} => Firefox.exe Task: {601D5388-3E87-4821-B528-5EAAB4552D9E} - System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} => Firefox.exe Task: {6AACC338-2AEB-415A-AA0F-6EECC5CE3888} - System32\Tasks\{17CD3FDE-47B6-4A20-B087-66B52DE14763} => pcalua.exe -a "C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67QQDUW5\Firefox%20Setup%203.6.3[1].exe" -d C:\Users\Florian\Desktop Task: {72E115C5-3CFC-4168-B3C3-D857A10673FA} - System32\Tasks\{8BDA699B-E140-4568-84AA-41BE9AA72E88} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Task: {827EDDF5-D8A3-4686-8C59-C02451199847} - System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} => Firefox.exe Task: {AA24DB11-CA45-423B-BCC5-855FF7D8B0F4} - System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} => Firefox.exe RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
17.04.2016, 21:37 | #13 |
| the log file of the FRST fix, Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015 durchgeführt von Florian (2016-04-17 17:12:58) Run:1 Gestartet von C:\Users\Florian\Desktop Geladene Profile: Florian (Verfügbare Profile: Florian) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKLM-x32\...\Run: [] => [X] DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc CMD: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice" /ve /f CMD: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg 2000\UserChoice" /ve /f CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg 2000" /ve /f Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2015-01-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-10-10] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll" CMD: type C:\Windows\System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} CMD: type C:\Windows\System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} CMD: type 
C:\Windows\System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} CMD: type C:\Windows\System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} CMD: type C:\Windows\System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} Task: {3501A96D-7D76-49A6-89C1-9D4CC5A594BD} - System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} => Firefox.exe Task: {456917AC-305D-4750-9A8A-97CE3358DACB} - System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} => Firefox.exe Task: {601D5388-3E87-4821-B528-5EAAB4552D9E} - System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} => Firefox.exe Task: {6AACC338-2AEB-415A-AA0F-6EECC5CE3888} - System32\Tasks\{17CD3FDE-47B6-4A20-B087-66B52DE14763} => pcalua.exe -a "C:\Users\Florian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67QQDUW5\Firefox%20Setup%203.6.3[1].exe" -d C:\Users\Florian\Desktop Task: {72E115C5-3CFC-4168-B3C3-D857A10673FA} - System32\Tasks\{8BDA699B-E140-4568-84AA-41BE9AA72E88} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Task: {827EDDF5-D8A3-4686-8C59-C02451199847} - System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} => Firefox.exe Task: {AA24DB11-CA45-423B-BCC5-855FF7D8B0F4} - System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} => Firefox.exe RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc => Schlüssel erfolgreich entfernt ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice" /ve /f ========= Der Vorgang wurde erfolgreich beendet. 
========= Ende von CMD: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg 2000\UserChoice" /ve /f ========= Der Vorgang wurde erfolgreich beendet. ========= Ende von CMD: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg 2000" /ve /f ========= Der Vorgang wurde erfolgreich beendet. ========= Ende von CMD: ========= Winsock: Catalog5 000000000001\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\system32\NLAapi.dll) Winsock: Catalog5 000000000002\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\system32\napinsp.dll) Winsock: Catalog5 000000000003\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\system32\pnrpnsp.dll) Winsock: Catalog5 000000000004\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\system32\pnrpnsp.dll) Winsock: Catalog5 000000000005\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\System32\mswsock.dll) Winsock: Catalog5 000000000006\\LibraryPath => erfolgreich wiederhergestellt (%SystemRoot%\System32\winrnr.dll) ========= type C:\Windows\System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} ========= <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="hxxp://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> 
<Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</Command> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>Florian-PC\Florian</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> ========= Ende von CMD: ========= ========= type C:\Windows\System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} ========= <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="hxxp://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</Command> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>Florian-PC\Florian</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> ========= Ende von CMD: ========= ========= type 
C:\Windows\System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} ========= <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="hxxp://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</Command> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>Florian-PC\Florian</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> ========= Ende von CMD: ========= ========= type C:\Windows\System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} ========= <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="hxxp://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> 
<StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</Command> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>Florian-PC\Florian</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> ========= Ende von CMD: ========= ========= type C:\Windows\System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} ========= <?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="hxxp://schemas.microsoft.com/windows/2004/02/mit/task"> <RegistrationInfo /> <Triggers> <RegistrationTrigger> <Enabled>true</Enabled> </RegistrationTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe</Command> </Exec> </Actions> <Principals> <Principal id="Author"> <UserId>Florian-PC\Florian</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task> ========= Ende von CMD: ========= "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3501A96D-7D76-49A6-89C1-9D4CC5A594BD}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3501A96D-7D76-49A6-89C1-9D4CC5A594BD}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{6CC98E2B-9BE5-462B-B369-42069058EAD6} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6CC98E2B-9BE5-462B-B369-42069058EAD6}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{456917AC-305D-4750-9A8A-97CE3358DACB}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{456917AC-305D-4750-9A8A-97CE3358DACB}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F44ECDBE-298A-40D7-98D3-C0FF3FE1E600}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{601D5388-3E87-4821-B528-5EAAB4552D9E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{601D5388-3E87-4821-B528-5EAAB4552D9E}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{C549D747-D157-44A3-B17F-90B8555BB588} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C549D747-D157-44A3-B17F-90B8555BB588}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Plain\{6AACC338-2AEB-415A-AA0F-6EECC5CE3888}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AACC338-2AEB-415A-AA0F-6EECC5CE3888}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{17CD3FDE-47B6-4A20-B087-66B52DE14763} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17CD3FDE-47B6-4A20-B087-66B52DE14763}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72E115C5-3CFC-4168-B3C3-D857A10673FA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72E115C5-3CFC-4168-B3C3-D857A10673FA}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{8BDA699B-E140-4568-84AA-41BE9AA72E88} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8BDA699B-E140-4568-84AA-41BE9AA72E88}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{827EDDF5-D8A3-4686-8C59-C02451199847}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{827EDDF5-D8A3-4686-8C59-C02451199847}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{749E0A3A-4B7C-4FE9-8938-E83057C9F759} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{749E0A3A-4B7C-4FE9-8938-E83057C9F759}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA24DB11-CA45-423B-BCC5-855FF7D8B0F4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA24DB11-CA45-423B-BCC5-855FF7D8B0F4}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8} => erfolgreich verschoben 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED1502EC-54FB-4E08-A6C0-E820F96C49B8}" => Schlüssel erfolgreich entfernt ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurückgesetzt. Sie müssen den Computer neu starten, um den Vorgang abzuschließen. ========= Ende von CMD: ========= EmptyTemp: => 144.4 MB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 17:13:13 ==== Code:
ATTFilter Log file from ESET, ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=10d8d356e2e4984f9595ee9df58dec0b # end=init # utc_time=2016-04-17 03:39:57 # local_time=2016-04-17 05:39:57 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download esets_scanner_update returned -1 esets_gle=41221 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download esets_scanner_update returned -1 esets_gle=37126 Update Finalize Updated modules version: 0 Old modules - delete modules Update Init Update Download Update Init Update Download esets_scanner_update returned -1 esets_gle=41221 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download esets_scanner_update returned -1 esets_gle=37126 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download Update Finalize Updated modules version: 29107 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=10d8d356e2e4984f9595ee9df58dec0b # end=updated # utc_time=2016-04-17 05:26:40 # local_time=2016-04-17 07:26:40 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=10d8d356e2e4984f9595ee9df58dec0b # engine=29107 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-04-17 07:29:23 # local_time=2016-04-17 09:29:23 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Antivirus' # compatibility_mode=1815 16777213 100 100 16657 54806417 0 0 # compatibility_mode_1='' # 
compatibility_mode=5893 16776574 100 94 52621008 212551213 0 0 # scanned=284956 # found=0 # cleaned=0 # scan_time=7362 Code:
ATTFilter Log file from HitmanPro, FRST log file: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Florian (Administrator) auf FLORIAN-PC (17-04-2016 22:32:29) Gestartet von C:\Users\Florian\Desktop Geladene Profile: Florian (Verfügbare Profile: Florian) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Logitech, Inc.) 
C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe (Nullsoft, Inc.) D:\Multimediaprogramme\Winamp\winamp.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\FdmBrowserHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1609296 2010-06-26] (Logitech, Inc.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [696320 2011-11-18] () HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-24] (AVM Berlin) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2010-05-13] ShortcutTarget: DSL-Manager.lnk -> D:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{46A21199-6841-4D64-908B-2AC9386B247B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5F378C25-B3F5-4DAF-881C-E32CBBD8EF12}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> DefaultScope {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2977951965-3881512990-2941591932-1001 -> {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C} URL 
= hxxp://www.google.de/search?q={searchTerms} BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2016-03-16] (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870 FF Homepage: hxxp://www.t-online.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [Keine Datei] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-14] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> D:\Multimediaprogramme\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Multimediaprogramme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-18] (Apple Inc.) 
FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\ebay-kleinanzeigen-.xml [2014-08-23] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\myvideo.xml [2014-08-16] FF SearchPlugin: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\searchplugins\youtube.xml [2014-08-16] FF Extension: Avira Browser Safety - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\abs@avira.com [2016-04-13] FF Extension: German Dictionary - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-18] FF Extension: Block site - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-04] FF Extension: Add to Search Bar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-08-16] FF Extension: Classic Theme Restorer - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-08-16] FF Extension: Snap Links Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2016-02-06] FF Extension: Video DownloadHelper - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-29] FF Extension: Hide Tab Bar With One Tab - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\pzcv1ksp.default-1408203743870\Extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi [2014-08-16] FF Extension: Default - C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-14] FF HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-04-05] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Florian\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] () S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [Datei ist nicht signiert] S3 TDslMgrService; D:\Programme\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert] R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2010-10-27] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2010-09-30] (TuneUp Software) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WOTUpdater; C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-08-24] (AVM Berlin) S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [30208 2006-11-07] (AVM GmbH) [Datei ist nicht signiert] R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. 
KG) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems) R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-24] (AVM GmbH) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 PciDumpr; C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2144 2001-01-26] () [Datei ist nicht signiert] R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-17 22:32 - 2016-04-17 22:32 - 00038198 _____ C:\Users\Florian\Desktop\HitmanPro_20160417_2232.log 2016-04-17 22:32 - 2016-04-17 22:32 - 00019481 _____ C:\Users\Florian\Desktop\FRST.txt 2016-04-17 22:26 - 2016-04-17 22:32 - 00000000 ____D C:\ProgramData\HitmanPro 2016-04-17 17:38 - 2016-04-17 17:38 - 00000000 ____D C:\Program Files (x86)\ESET 2016-04-17 17:19 - 2016-04-17 17:27 - 11441744 _____ (SurfRight B.V.) 
C:\Users\Florian\Desktop\HitmanPro_x64.exe 2016-04-17 17:18 - 2016-04-17 17:21 - 02870984 _____ (ESET) C:\Users\Florian\Desktop\esetsmartinstaller_deu.exe 2016-04-17 17:12 - 2015-09-17 20:27 - 02191360 _____ (Farbar) C:\Users\Florian\Desktop\FRST64.exe 2016-04-16 16:29 - 2016-04-16 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einsatzstellenverwaltung 2016-04-14 17:11 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-14 17:11 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-14 17:11 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-14 17:11 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-14 17:11 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-14 17:11 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-14 17:11 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-14 17:11 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-14 17:11 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-14 17:11 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-14 17:11 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-14 17:11 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-14 17:11 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-14 17:11 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-14 17:11 - 2016-03-31 02:19 - 00615936 _____ (Microsoft 
Corporation) C:\Windows\system32\ieui.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-14 17:11 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-14 17:11 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-14 17:11 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-14 17:11 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-14 17:11 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-14 17:11 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-04-14 17:11 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-14 17:11 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-14 17:11 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-14 17:11 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-14 17:11 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-14 17:11 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-14 17:11 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-04-14 17:11 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00062464 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-04-14 17:11 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-14 17:11 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-14 17:11 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-04-14 17:11 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-04-14 17:11 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-14 17:11 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-04-14 17:11 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-14 17:11 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-14 17:11 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-14 17:11 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-14 17:11 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-14 17:11 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-04-14 17:11 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-14 17:11 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-04-14 17:11 - 2016-03-31 01:31 - 00168960 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-04-14 17:11 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-14 17:11 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-14 17:11 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-04-14 17:11 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-14 17:11 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-14 17:11 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-14 17:11 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-14 17:11 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-14 17:11 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-14 17:11 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-14 17:11 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-14 17:11 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-04-14 17:11 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-14 16:23 - 2016-04-14 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-13 20:08 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 20:08 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) 
C:\Windows\system32\winload.efi 2016-04-13 20:08 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 20:08 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-13 20:08 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 20:08 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 20:08 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 20:08 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) 
C:\Windows\system32\setbcdlocale.dll 2016-04-13 20:08 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-13 20:08 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 20:08 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-13 20:08 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-13 20:08 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) 
C:\Windows\system32\appidsvc.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 20:08 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 20:08 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 20:08 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 20:08 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 20:08 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 20:08 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msaudite.dll 2016-04-13 20:08 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 20:08 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 20:08 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 
2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 
2016-04-13 20:08 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 20:08 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 20:08 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 20:08 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 20:08 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 20:08 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 20:08 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 20:08 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 20:08 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 20:08 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 20:08 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 20:08 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 20:08 - 2016-03-17 23:29 - 00036352 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 20:08 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 20:02 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 19:41 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 19:41 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 19:03 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 19:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 19:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 19:03 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 18:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-13 18:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 
2016-04-13 18:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-13 18:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-13 18:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-13 18:43 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-13 18:43 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-04-09 22:50 - 2016-04-09 22:50 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2016-04-05 22:54 - 2016-04-05 23:05 - 00000000 ____D C:\Program Files (x86)\Free Download Manager 2016-04-05 19:46 - 2016-04-05 22:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-03-26 15:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-03-26 15:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-03-26 15:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-03-26 15:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-03-26 15:07 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-03-26 15:07 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-03-26 15:07 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) 
C:\Windows\system32\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-26 15:07 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-26 15:07 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-26 15:07 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-26 15:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-26 15:06 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-17 22:32 - 2015-05-31 14:15 - 00000000 ____D C:\FRST
2016-04-17 21:56 - 2012-07-08 02:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 21:46 - 2012-08-15 18:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-17 17:55 - 2010-05-12 21:21 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{61D97D25-2BEF-4AEC-A94F-510529E28523}
2016-04-17 17:22 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-17 17:22 - 2009-07-14 06:45 - 00026384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 17:18 - 2014-06-29 18:52 - 01408013 _____ C:\Windows\WindowsUpdate.log
2016-04-17 17:14 - 2014-10-05 19:31 - 01088706 _____ C:\Windows\PFRO.log
2016-04-17 17:14 - 2014-10-05 01:00 - 21675186 _____ C:\Windows\setupact.log
2016-04-17 17:14 - 2012-07-08 02:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 17:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 23:13 - 2010-05-09 13:35 - 00000000 ____D C:\Users\Florian
2016-04-16 23:12 - 2011-12-20 20:18 - 00000099 _____ C:\Users\Public\LMDebug.log
2016-04-16 22:50 - 2015-05-31 14:08 - 00000000 ____D C:\AdwCleaner
2016-04-16 22:45 - 2012-12-03 00:26 - 00000000 ____D C:\Users\Florian\.BH
2016-04-16 22:33 - 2012-09-09 17:34 - 00000000 ____D C:\Users\Florian\AppData\Local\CrashDumps
2016-04-16 22:17 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-04-16 22:17 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-04-16 22:17 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-16 20:58 - 2010-05-14 00:41 - 00000000 ____D C:\Users\Florian\AppData\Roaming\VSO
2016-04-16 17:09 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Feuerwehr und BRK
2016-04-16 16:51 - 2014-08-24 22:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 16:44 - 2014-12-14 01:15 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-16 16:42 - 2014-08-17 12:56 - 00019968 _____ C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-16 16:41 - 2013-11-17 22:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-16 15:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-15 22:40 - 2012-03-25 13:31 - 00054573 _____ C:\Users\Florian\Fahrtenbuch.ods
2016-04-15 22:38 - 2015-11-17 21:28 - 00065452 _____ C:\Users\Florian\Einausgaben.ods
2016-04-15 21:38 - 2010-05-13 17:52 - 01071616 ___SH C:\Users\Florian\Thumbs.db
2016-04-15 16:18 - 2012-05-05 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 21:51 - 2009-07-14 06:45 - 00679312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 18:37 - 2014-12-12 16:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 17:24 - 2010-05-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-04-14 17:23 - 2013-07-18 15:49 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 17:16 - 2010-05-13 15:03 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-12 20:52 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Briefe
2016-04-12 20:40 - 2015-12-23 22:33 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Free Download Manager
2016-04-10 00:46 - 2016-03-05 14:49 - 00001865 _____ C:\Users\Public\Desktop\P-touch Editor 5.1.lnk
2016-04-10 00:46 - 2016-02-28 00:27 - 00001462 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-04-10 00:46 - 2015-12-25 13:36 - 00001098 _____ C:\Users\Florian\Desktop\Free Doanloadmanager.lnk
2016-04-10 00:46 - 2015-09-13 16:19 - 00001104 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-04-10 00:46 - 2015-09-09 19:07 - 00000676 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-04-10 00:46 - 2015-05-31 17:20 - 00000691 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-05-16 01:20 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-10 00:46 - 2015-04-08 19:09 - 00001633 _____ C:\Users\Florian\Desktop\Avira.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 17:20 - 00000683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-04-10 00:46 - 2014-12-28 16:37 - 00000669 _____ C:\Users\Florian\Desktop\teXXas.lnk
2016-04-10 00:46 - 2014-12-16 21:43 - 00000684 _____ C:\Users\Florian\Desktop\VSO Image Resizer.lnk
2016-04-10 00:46 - 2014-11-23 16:26 - 00001244 _____ C:\Users\Florian\Desktop\mbar.exe -.lnk
2016-04-10 00:46 - 2014-08-13 01:18 - 00001618 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-04-10 00:46 - 2014-08-11 03:34 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-10 00:46 - 2014-03-23 19:54 - 00002206 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-04-10 00:46 - 2013-09-03 21:57 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-04-10 00:46 - 2013-01-12 04:41 - 00001103 _____ C:\Users\Florian\Desktop\Smart Panel.lnk
2016-04-10 00:46 - 2012-12-04 10:32 - 00001410 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Windows installieren.lnk
2016-04-10 00:46 - 2012-12-03 00:26 - 00000786 _____ C:\Users\Florian\Desktop\BilderHerunterlader.lnk
2016-04-10 00:46 - 2012-04-15 21:11 - 00002084 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-10 00:46 - 2012-01-29 01:11 - 00001686 _____ C:\Users\Florian\Desktop\PhotoStudio.lnk
2016-04-10 00:46 - 2012-01-14 20:40 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-10 00:46 - 2012-01-14 20:40 - 00001859 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-10 00:46 - 2011-11-24 18:56 - 00000946 _____ C:\Users\Public\Desktop\Top50 V5 Viewer.lnk
2016-04-10 00:46 - 2011-10-08 22:32 - 00001744 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2016-04-10 00:46 - 2011-07-17 16:21 - 00002204 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
2016-04-10 00:46 - 2010-11-07 23:34 - 00000673 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 00:46 - 2010-10-26 20:55 - 00002736 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk
2016-04-10 00:46 - 2010-05-30 04:04 - 00000632 _____ C:\Users\Florian\Desktop\RegCleaner.lnk
2016-04-10 00:46 - 2010-05-14 14:59 - 00000737 _____ C:\Users\Florian\Desktop\Cefic ERICards Offline.lnk
2016-04-10 00:46 - 2010-05-14 13:50 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk
2016-04-10 00:46 - 2010-05-14 13:50 - 00002163 _____ C:\Users\Public\Desktop\TuneUp Utilities.lnk
2016-04-10 00:46 - 2010-05-13 23:29 - 00000623 _____ C:\Users\Public\Desktop\LingoPad.lnk
2016-04-10 00:46 - 2010-05-13 20:54 - 00001143 _____ C:\Users\Florian\Desktop\Fahrtenbuch.lnk
2016-04-10 00:46 - 2010-05-12 20:06 - 00001816 _____ C:\Users\Florian\Desktop\Microsoft Office - Verknüpfung.lnk
2016-04-10 00:46 - 2010-05-10 19:07 - 00002093 _____ C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2016-04-10 00:46 - 2010-05-09 13:48 - 00001425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 00:46 - 2010-05-09 13:48 - 00001379 _____ C:\Users\Florian\Desktop\Internet Explorer (64-bit).lnk
2016-04-10 00:46 - 2010-05-09 13:35 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-10 00:46 - 2010-05-09 13:35 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-10 00:46 - 2010-05-09 12:42 - 00001179 _____ C:\Users\Public\Desktop\SpeedCommander.lnk
2016-04-10 00:46 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-10 00:46 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-10 00:46 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-10 00:46 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-10 00:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Performance
2016-04-09 20:13 - 2016-03-12 20:57 - 00000000 ____D C:\Users\Florian\Downloads\PSNV
2016-04-09 18:02 - 2012-10-31 20:42 - 00000000 ____D C:\Users\Florian\AppData\Roaming\vlc
2016-04-07 20:49 - 2012-08-15 18:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 20:49 - 2012-03-30 14:31 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 20:49 - 2012-01-14 20:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 22:34 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Verzeichnisse
2016-03-31 19:52 - 2014-01-06 03:51 - 00026204 _____ C:\Users\Florian\Haus Zählerstände Haus.ods
2016-03-29 15:39 - 2015-11-21 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-29 15:39 - 2010-05-13 22:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-29 15:38 - 2015-11-21 23:21 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-29 15:38 - 2015-08-30 13:31 - 00000000 ____D C:\Users\Florian\.oracle_jre_usage
2016-03-21 18:44 - 2012-03-25 13:34 - 00000000 ____D C:\Users\Florian\Internet

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-05-28 19:58 - 2013-05-12 22:00 - 0000192 _____ () C:\Users\Florian\AppData\Roaming\default.rss
2010-05-28 19:58 - 2010-05-28 19:58 - 0000000 _____ () C:\Users\Florian\AppData\Roaming\downloads.m3u
2014-08-17 12:56 - 2016-04-16 16:42 - 0019968 _____ () C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-02 22:31 - 2010-07-02 22:32 - 0000333 _____ () C:\ProgramData\hpzinstall.log
2015-02-10 18:48 - 2015-02-10 18:48 - 0000366 _____ () C:\ProgramData\UpdStartupLog.log

Einige Dateien in TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-29 16:29

==================== Ende von 
FRST.txt ============================ |
17.04.2016, 21:39 | #14 |
| Problems with TR/Crypt.ZPACK.Gen9' addition.txt FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015 durchgeführt von Florian (2016-04-17 22:33:14) Gestartet von C:\Users\Florian\Desktop Windows 7 Professional Service Pack 1 (X64) (2010-05-09 11:47:54) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2977951965-3881512990-2941591932-500 - Administrator - Disabled) Florian (S-1-5-21-2977951965-3881512990-2941591932-1001 - Administrator - Enabled) => C:\Users\Florian Gast (S-1-5-21-2977951965-3881512990-2941591932-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2977951965-3881512990-2941591932-1004 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft) ATI AVIVO64 Codecs (Version: 10.10.0.40918 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{B85D868D-1415-FDA5-8DB9-D4D457080885}) (Version: 3.0.745.0 - ATI Technologies, Inc.) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. 
KG) Hidden AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) BilderHerunterlader 3.6.6 (HKLM-x32\...\BilderHerunterlader) (Version: - ) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.) Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0500 - Brother Industries, Ltd.) Brother P-touch Update Software (HKLM-x32\...\{42036760-2DA4-43C4-A48A-9F90A0F1FA0E}) (Version: 1.0.0060 - Brother Industries, Ltd.) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon iP3300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300) (Version: - ) Canon iP3300 Benutzerregistrierung (HKLM-x32\...\Canon iP3300 Benutzerregistrierung) (Version: - ) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version: - ) ccc-core-static (x32 Version: 2009.0918.2132.36825 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) CDex extraction audio (HKLM-x32\...\CDex) (Version: - ) Cefic ERICards Offline (Remove only) (HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\...\Ericards.NET) (Version: 3.6.0.0 - Pharox Automatisering B.V.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2312.02 - CyberLink Corp.) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. 
KGaA) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - ) Einsatzstellenverwaltung (HKLM-x32\...\{2E430614-135D-47F8-A6BB-5095871A0C14}_is1) (Version: 1.1.1 - ) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) Geogrid®-Viewer (x32 Version: 6.30.0000 - EADS Deutschland GmbH) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation) Logitech Motion Detector Gadget (HKLM\...\{5FCF5515-4CC4-4812-8C9A-755336AB85F8}) (Version: 1.00.1082 - Ihr Firmenname) Logitech SetPoint 6.15 (HKLM\...\SP6) (Version: 6.15.25 - Logitech) Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) 
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSI to redistribute MS 
VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 (HKLM-x32\...\{e0b22685-7d0a-4754-91a5-71a010985185}) (Version: - Nero AG) NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts) Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia) Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia) Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.) Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version: __VERSION__ - Samsung Electronics Co., Ltd.) 
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden SpeedCommander 10 (HKLM-x32\...\SpeedCommander 10) (Version: 10.0 - SpeedProject) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH) TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Top50 V5 Viewer (HKLM-x32\...\{6594F5B0-350C-42AC-A613-F980B88BDB64}) (Version: 6.30.0000 - EADS Deutschland GmbH) TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.4700.21 - TuneUp Software) TuneUp Utilities (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4700.21 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - 
Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia) Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 03-04-2016 17:51:40 Geplanter Prüfpunkt 09-04-2016 23:05:33 JRT Pre-Junkware Removal 09-04-2016 23:26:05 JRT Pre-Junkware Removal 14-04-2016 17:12:17 Windows Update 16-04-2016 17:33:11 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2012-02-03 14:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5FD73834-A7DE-4B77-B7F2-A9210C61A21F} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {9AFD6482-4085-46DA-846A-924CE896EEED} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-04-04] (Microsoft Corporation) Task: {9EB6674B-35E0-4123-9297-50E920CF9ADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {A0B7EF38-F73B-4138-8877-B6807C9F13FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) 
Task: {A49D49B1-54EF-4D1C-A80E-13C0679F0D60} - System32\Tasks\{B27A2FA5-871D-43E6-959B-C24082C225B7} => pcalua.exe -a C:\Users\Florian\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 Task: {A4B1FEF0-AC9E-458B-A51E-B56A120387D9} - System32\Tasks\{55D49C19-D136-4A82-BB84-2687B47C5BF1} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {AFD7E2E9-2406-488E-B25F-A63F88F68986} - System32\Tasks\Amazon Music Helper => C:\Users\Florian\AppData\Local\Amazon Music\Amazon Music Helper.exe Task: {B1BC65B8-59E2-46BC-99F4-A0CC526EA5C8} - System32\Tasks\{8A8F8A70-821C-407C-81ED-A9EE9E8BA180} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.155.259/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2 Task: {B37247B5-5BD7-40C4-9D77-6C7F85F15DF1} - System32\Tasks\{A805A452-D41C-4266-AE6F-CEBC6B821C20} => D:\Programme\Nettalk6\Nettalk.exe Task: {D9DE150F-7E85-41AD-8A1C-D828CD6ABA37} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {DE071E9B-54DC-424D-A665-E50F611ED24C} - System32\Tasks\{DCBA626F-B7C2-4F6F-A3F9-2EF5298B50F1} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Task: {EF24CC43-F11C-4642-9E0D-DC1B69C83436} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {F00DBBA9-811A-4C49-B924-3DB7864C713E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {F2BD1B92-FC98-4834-A091-8B040C1021E2} - System32\Tasks\{6A91AEF7-FE4B-4F0C-A8BF-51DB259DA302} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-01-12 04:54 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2011-04-14 03:41 - 2011-04-14 03:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll 2011-04-14 03:40 - 2011-04-14 04:40 - 00968192 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssb3mdu.dll 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll 2013-03-09 19:36 - 2011-11-18 12:22 - 00696320 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2012-01-12 12:23 - 2012-01-12 12:23 - 00018432 _____ () C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe 2013-03-09 19:36 - 2009-11-19 11:15 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe 2009-08-28 16:08 - 2009-08-28 16:08 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-09 13:38 - 2010-05-09 13:38 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2016-04-05 22:54 - 2016-03-16 05:24 - 04932688 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll 2016-04-05 22:54 - 2015-07-23 16:08 - 00324096 _____ () C:\Program Files (x86)\Free Download Manager\ytparser.dll 2016-04-17 19:35 - 2016-04-17 19:35 - 00037888 _____ () C:\Users\Florian\AppData\Local\Temp\WDE5217.tmp\ombrowser.lng 2013-11-26 17:40 - 2013-11-26 17:40 - 00333824 _____ () 
D:\multimediaprogramme\winamp\Plugins\freeform\wacs\freetype\freetype.wac 2016-04-05 19:46 - 2016-04-05 19:46 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2016-04-05 19:46 - 2016-04-05 19:46 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2016-04-07 20:49 - 2016-04-07 20:49 - 19403968 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2977951965-3881512990-2941591932-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: QuickTime Task => "D:\Multimediaprogramme\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{E5948720-B8D6-4ED3-B47F-1AFEDB415AA6}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [UDP Query User{56DD4C5A-C883-4E08-AF52-375D5A2908FC}D:\multimediaprogramme\winamp\winamp.exe] => (Allow) D:\multimediaprogramme\winamp\winamp.exe FirewallRules: [{76E0C865-777C-4504-9C6A-AF8A653A0E39}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [TCP Query User{D753B374-D945-4A8F-8C3C-87E76CB922FD}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{872A5183-5A00-44B5-A009-A81A28819095}D:\programme\filezilla ftp client\filezilla.exe] => (Allow) D:\programme\filezilla ftp client\filezilla.exe FirewallRules: [{43F4A700-4296-449B-817F-39ED1CC5C158}] => (Allow) C:\Program Files 
(x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{BED8EC39-0A3F-48FA-A26D-B39180EC8985}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{3D77DDA7-F34B-4053-A85E-40B11F5BCCF2}] => (Allow) LPort=10322 FirewallRules: [{C1753386-2CC7-4375-A877-1998D3FBEDDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{A44098AF-A4C6-4FBC-8660-D0278BEAD038}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{783591B1-989A-4286-B9E1-06630C693AC4}C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{6D35A44B-DF4D-4ECF-A042-70ACDB0594DE}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [UDP Query User{D9EFEE21-124F-485C-ADF6-F471E94C3DCC}C:\program files\java\jre6\launch4j-tmp\ffm.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\ffm.exe FirewallRules: [TCP Query User{539AA981-7F26-4D11-8F51-BB0E08DB1E1D}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [UDP Query User{3BF76468-5C52-4B2E-906C-379A4808338E}D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe] => (Allow) D:\multimediaprogramme\k-lite codec pack\media player classic\mpc-hc.exe FirewallRules: [{F3E3340A-09ED-415A-9D69-999DABA6D722}] => (Allow) F:\fsetup.exe FirewallRules: [{4B3E6583-2402-450B-8B66-3403B89A2188}] => (Allow) F:\fsetup.exe FirewallRules: [{3981521D-D430-42D0-B40C-2273E8B4D8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F4F2AED0-4844-4D0E-B055-8244C85E7091}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: 
[{7B153A05-8D17-4205-8B08-DAB3B07AEB59}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{58DB1A85-233D-4DAF-8215-7EC0E75BB11A}] => (Allow) D:\Multimediaprogramme\Winamp\winamp.exe FirewallRules: [{F2F7DF84-35B0-44CC-8C45-4327AC725A90}] => (Allow) LPort=49167 FirewallRules: [{1DA9FD06-4467-4B1B-8682-15DFED9C1063}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{306072D2-B2D8-45C1-B8E9-A5F6F1408FE5}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [UDP Query User{6692AE2D-63F4-4306-BB80-0443B5910AE6}D:\multimediaprogramme\vlc\vlc.exe] => (Block) D:\multimediaprogramme\vlc\vlc.exe FirewallRules: [{BE2BA043-F600-436B-97EC-DC5850F7C0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF2F48C3-CF8E-4A7E-9110-D0956C7182C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{93B0E5FE-F24B-407C-8189-AC74C874AB45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{9020114B-8B5B-422A-A967-E5EBCB194373}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7E88D983-C887-4AD2-829A-55380B0140AF}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe FirewallRules: [{2EDE3AB8-6031-4436-8584-8CF9349AB204}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe FirewallRules: [{F632A110-A0B2-4F8F-9164-7C8515A0DAF7}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe FirewallRules: [{72B18DF3-4E01-458A-882F-6D7128F1ADAB}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe FirewallRules: [{EC8CA683-542D-42C6-91DD-3898AB9AA484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5CE63752-E130-4DF8-92A2-A5D0B90E282F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query 
User{6AD824F9-676C-48C1-B53D-0CA08EC3946C}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe FirewallRules: [UDP Query User{CD0AAA2A-E2C7-41D5-AE1F-0721AEB570F8}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe] => (Allow) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung server.exe FirewallRules: [TCP Query User{E2007DAB-677E-4F8D-A8E7-504E7B7AFBE9}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung.exe] => (Block) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung.exe FirewallRules: [UDP Query User{1F6007FE-A67A-4F39-AD41-8982CFF4C51C}D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung.exe] => (Block) D:\programme\einsatzstellenverwaltung\einsatzstellenverwaltung.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/17/2016 10:26:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/17/2016 05:38:06 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/17/2016 05:38:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/17/2016 05:37:57 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/17/2016 05:37:42 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (04/17/2016 05:14:41 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/17/2016 04:40:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2016 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 5.0.5.2, Zeitstempel: 0x56b49618 Name des fehlerhaften Moduls: msci_uno.dll, Version: 5.0.5.2, Zeitstempel: 0x56b47b91 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c224 ID des fehlerhaften Prozesses: 0x1fcc Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0 Pfad der fehlerhaften Anwendung: soffice.bin1 Pfad des fehlerhaften Moduls: soffice.bin2 Berichtskennung: soffice.bin3 Error: (04/16/2016 05:36:13 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2016 05:34:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007af2 ID des fehlerhaften Prozesses: 0x844 Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0 Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1 Pfad des fehlerhaften Moduls: LVPrcSrv.exe2 Berichtskennung: LVPrcSrv.exe3 Systemfehler: ============= Error: (04/17/2016 07:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/17/2016 07:26:31 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Florian\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/17/2016 07:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/17/2016 07:26:31 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Florian\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (04/17/2016 07:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/17/2016 07:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Florian\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/17/2016 06:58:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/17/2016 06:58:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Florian\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/17/2016 06:58:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/17/2016 06:58:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Florian\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2012-04-30 01:42:14.389 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:14.311 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:12.845 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:12.767 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:10.598 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:42:10.520 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:41:34.141 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-04-30 01:41:34.063 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-02-03 13:45:55.746 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-02-03 13:45:55.684 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) II X4 630 Processor
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4095.24 MB
Verfügbarer physikalischer RAM: 1782.18 MB
Summe virtueller Speicher: 8188.67 MB
Verfügbarer virtueller Speicher: 5575.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:390.53 GB) (Free:270.77 GB) NTFS
Drive d: (Daten) (Fixed) (Total:263.67 GB) (Free:250.61 GB) NTFS
Drive e: (Medien) (Fixed) (Total:277.21 GB) (Free:247.29 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E274FB94)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=263.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=277.2 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================

At the moment there are no problems. I'll have the virus scanner run a full scan tomorrow. |
19.04.2016, 16:47 | #15 |
/// TB-Ausbilder | Problems with TR/Crypt.ZPACK.Gen9'
Hi,
If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.

Cleanup:
All logs posted? Then please download DelFix.
Among other things, DelFix removes all the programs we used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over now, you can delete them without concern.

Securing your system:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at its latest version:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is entirely sufficient in the normal case.
If you are still undecided, use exactly one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it must be installed manually or obtained as an optional update via Windows Update. A legal/activated Windows is of course a prerequisite for this.
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: Prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: Protects the computer's applications against the exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner .

Finally, a few general remarks:

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this topic from my subscriptions. |