Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Spacekace Ordner im Laufwerk C: entdeckt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.05.2016, 15:03   #1
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Hallo, ich habe heute durch Zufall den Ordner "Spacekace" im meinem Laufwerk C: entdeckt. Ich habe etwas gegooglet und bin auf dieses Forum gestoßen. Bin selbst aber Laie und weiß nicht, wie ich den Ordner am Besten wieder los werde. Ich habe bis jetzt aber keine ungewöhnlichen Dinge feststellen können.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (29-05-2016 15:55:41)
Gestartet von F:\Downloads
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect Research) F:\Programme\NetWorx\networx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mixesoft Project) C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(Dassault Systèmes SolidWorks Corp.) F:\Uni\Solidworks\SOLIDWORKS\sldworks_fs.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2569104 2016-01-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2016-01-02] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.5.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-24]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
S2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 vToolbarUpdater3.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2016-01-02] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-29 15:55 - 2016-05-29 15:55 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003850 _____ C:\Windows\System32\Tasks\Google Update
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-28 19:42 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-29 15:47 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-29 15:47 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-29 15:44 - 2015-09-04 20:56 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-29 15:44 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-29 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-29 15:42 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-29 15:41 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-29 15:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-29 00:21 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-29 00:21 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-29 00:21 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-29 00:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-28 23:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-28 23:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-28 19:55 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-23 00:25 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-23 00:25 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-23 00:25 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-23 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-21 23:03 - 2014-10-21 23:03 - 6000640 _____ () C:\Program Files (x86)\GUT1F15.tmp
2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-28 19:42 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 12:13

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-29 15:56:20)
Gestartet von F:\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version:  - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {BBD65F62-EC8D-4BF5-AA8B-E1B29F832850} - System32\Tasks\Google Update => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 16:21 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-11-27 20:41 - 2014-06-06 16:41 - 00718336 _____ () F:\Programme\NetWorx\sqlite.dll
2015-11-11 13:05 - 2015-11-11 13:05 - 00268280 _____ () F:\Uni\Solidworks\SOLIDWORKS\sldBodyDiffu.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
2014-08-29 17:54 - 2016-01-02 23:21 - 02569104 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2014-05-03 16:16 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2016-01-29 22:26 - 2016-01-23 04:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\log4cplusU.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-05-2016 23:48:12 Windows Update
11-05-2016 15:01:15 Windows Update
12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/29/2016 03:54:25 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/29/2016 03:42:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2016 03:41:14 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/28/2016 11:54:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 10:54:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 10:29:46 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 09:54:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 08:54:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 08:29:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/28/2016 08:20:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (05/29/2016 03:55:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/29/2016 03:54:25 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/29/2016 03:53:46 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/29/2016 03:49:24 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/29/2016 03:46:53 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/29/2016 03:46:31 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (05/29/2016 03:45:41 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/29/2016 03:45:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/29/2016 03:44:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/29/2016 03:44:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 4800.8 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12791.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:230 GB) (Free:150.8 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 30.05.2016, 13:30   #2
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!






Zukünftig bitte beachten:
Zitat:
Gestartet von F:\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.







Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 30.05.2016, 14:00   #3
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Hallo Matthias, vielen Dank für Deine Hilfe. Hier die gewünschten Logdateien

Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-30 14:46:41)
Gestartet von C:\Users\Lennart\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version:  - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {BBD65F62-EC8D-4BF5-AA8B-E1B29F832850} - System32\Tasks\Google Update => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 16:21 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-03 17:33 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-11-27 20:41 - 2014-06-06 16:41 - 00718336 _____ () F:\Programme\NetWorx\sqlite.dll
2015-11-11 13:05 - 2015-11-11 13:05 - 00268280 _____ () F:\Uni\Solidworks\SOLIDWORKS\sldBodyDiffu.dll
2014-08-29 17:54 - 2016-01-02 23:21 - 02569104 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
2014-09-23 00:05 - 2014-09-23 00:05 - 00121875 _____ () F:\Programme\VLC\libvlc.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 02525203 _____ () F:\Programme\VLC\libvlccore.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00079379 _____ () F:\Programme\VLC\libgcc_s_seh-1.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00145427 _____ () F:\Programme\VLC\plugins\access\libdshow_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00980499 _____ () F:\Programme\VLC\libstdc++-6.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00031251 _____ () F:\Programme\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00034323 _____ () F:\Programme\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00070675 _____ () F:\Programme\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 02380307 _____ () F:\Programme\VLC\plugins\access\liblibbluray_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00107027 _____ () F:\Programme\VLC\plugins\access\libaccess_bd_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00264211 _____ () F:\Programme\VLC\plugins\access\libdvdnav_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00081427 _____ () F:\Programme\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00050707 _____ () F:\Programme\VLC\plugins\access\libfilesystem_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00064531 _____ () F:\Programme\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00609299 _____ () F:\Programme\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00151059 _____ () F:\Programme\VLC\plugins\stream_filter\libdash_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00125459 _____ () F:\Programme\VLC\plugins\access\libzip_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00044051 _____ () F:\Programme\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00017939 _____ () F:\Programme\VLC\plugins\stream_filter\librecord_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00140819 _____ () F:\Programme\VLC\plugins\demux\libplaylist_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00984083 _____ () F:\Programme\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00318995 _____ () F:\Programme\VLC\plugins\lua\liblua_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 01474067 _____ () F:\Programme\VLC\plugins\misc\libxml_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00190995 _____ () F:\Programme\VLC\plugins\demux\libmp4_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00058387 _____ () F:\Programme\VLC\plugins\control\libhotkeys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00092179 _____ () F:\Programme\VLC\plugins\demux\libavi_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00043027 _____ () F:\Programme\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00071699 _____ () F:\Programme\VLC\plugins\demux\libasf_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00081939 _____ () F:\Programme\VLC\plugins\demux\libflacsys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00028691 _____ () F:\Programme\VLC\plugins\demux\libes_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 11667987 _____ () F:\Programme\VLC\plugins\gui\libqt4_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00085523 _____ () F:\Programme\VLC\plugins\demux\libmpc_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\demux\libtta_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00025619 _____ () F:\Programme\VLC\plugins\demux\libnuv_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00024595 _____ () F:\Programme\VLC\plugins\demux\libwav_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00428563 _____ () F:\Programme\VLC\plugins\demux\libsid_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00126995 _____ () F:\Programme\VLC\plugins\services_discovery\libsap_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00153107 _____ () F:\Programme\VLC\plugins\demux\libogg_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00731155 _____ () F:\Programme\VLC\plugins\demux\libmkv_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libdirac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00646675 _____ () F:\Programme\VLC\plugins\access\liblive555_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00023059 _____ () F:\Programme\VLC\plugins\demux\libsmf_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00021523 _____ () F:\Programme\VLC\plugins\demux\libpva_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libxa_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\demux\libaiff_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00021011 _____ () F:\Programme\VLC\plugins\demux\libvoc_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libau_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00374291 _____ () F:\Programme\VLC\plugins\demux\libgme_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00040979 _____ () F:\Programme\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00300563 _____ () F:\Programme\VLC\plugins\services_discovery\libupnp_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\services_discovery\libpodcast_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00021523 _____ () F:\Programme\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00018451 _____ () F:\Programme\VLC\plugins\services_discovery\libwindrive_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00124435 _____ () F:\Programme\VLC\plugins\access\libaccess_http_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00330771 _____ () F:\Programme\VLC\plugins\codec\libtheora_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019987 _____ () F:\Programme\VLC\plugins\codec\librawvideo_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00190995 _____ () F:\Programme\VLC\plugins\codec\libspeex_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00833043 _____ () F:\Programme\VLC\plugins\codec\libvorbis_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\codec\libaes3_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00025619 _____ () F:\Programme\VLC\plugins\codec\liblpcm_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00035859 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00072723 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00341523 _____ () F:\Programme\VLC\plugins\codec\libpng_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00022035 _____ () F:\Programme\VLC\plugins\codec\libcdg_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 01526803 _____ () F:\Programme\VLC\plugins\codec\libschroedinger_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00023571 _____ () F:\Programme\VLC\plugins\codec\libdts_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00417811 _____ () F:\Programme\VLC\plugins\codec\libfaad_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00017427 _____ () F:\Programme\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00022547 _____ () F:\Programme\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 01506323 _____ () F:\Programme\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-05-03 16:16 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2016-01-29 22:26 - 2016-01-23 04:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\log4cplusU.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt
29-05-2016 21:12:04 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/30/2016 02:38:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 02:36:15 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/30/2016 12:29:01 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/30/2016 12:03:55 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/29/2016 11:52:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2016 11:51:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/29/2016 11:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/29/2016 10:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/29/2016 09:54:31 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/29/2016 09:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005


Systemfehler:
=============
Error: (05/30/2016 02:46:04 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/30/2016 02:45:34 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 02:44:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/30/2016 02:43:08 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (05/30/2016 02:42:45 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 02:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/30/2016 02:40:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Gatewaydienst auf Anwendungsebene erreicht.

Error: (05/30/2016 02:39:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/30/2016 02:37:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA GeForce Experience Service erreicht.

Error: (05/30/2016 02:36:25 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 3897.37 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12147.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:230 GB) (Free:153.74 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 14:44:00)
Gestartet von C:\Users\Lennart\Desktop
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect Research) F:\Programme\NetWorx\networx.exe
(Mixesoft Project) C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dassault Systèmes SolidWorks Corp.) F:\Uni\Solidworks\SOLIDWORKS\sldworks_fs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(VideoLAN) F:\Programme\VLC\vlc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Ghisler Software GmbH) F:\Programme\totalcmd\TOTALCMD.EXE


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2569104 2016-01-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2016-01-02] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.5.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-24]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 vToolbarUpdater3.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2016-01-02] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 14:44 - 2016-05-30 14:45 - 00027287 _____ C:\Users\Lennart\Desktop\FRST.txt
2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe
2016-05-29 15:55 - 2016-05-30 14:44 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003850 _____ C:\Windows\System32\Tasks\Google Update
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-30 14:39 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 14:42 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-30 14:41 - 2015-09-04 20:56 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-30 14:40 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-30 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-30 14:38 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-30 14:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-30 14:36 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 14:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 01:27 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 01:27 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 01:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-30 00:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-29 00:21 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-23 00:25 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-23 00:25 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-23 00:25 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-23 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-21 23:03 - 2014-10-21 23:03 - 6000640 _____ () C:\Program Files (x86)\GUT1F15.tmp
2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 12:13

==================== Ende von FRST.txt ============================
         
__________________

Alt 30.05.2016, 14:02   #4
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Die Logs waren zu lang für eine Nachricht, deswegen hier noch die TDSSKiller log.

Code:
ATTFilter
14:49:28.0845 0x1bcc  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:49:35.0707 0x1bcc  ============================================================
14:49:35.0707 0x1bcc  Current date / time: 2016/05/30 14:49:35.0707
14:49:35.0707 0x1bcc  SystemInfo:
14:49:35.0707 0x1bcc  
14:49:35.0707 0x1bcc  OS Version: 6.1.7601 ServicePack: 1.0
14:49:35.0707 0x1bcc  Product type: Workstation
14:49:35.0707 0x1bcc  ComputerName: LENNART-PC
14:49:35.0707 0x1bcc  UserName: Lennart
14:49:35.0707 0x1bcc  Windows directory: C:\Windows
14:49:35.0707 0x1bcc  System windows directory: C:\Windows
14:49:35.0707 0x1bcc  Running under WOW64
14:49:35.0707 0x1bcc  Processor architecture: Intel x64
14:49:35.0707 0x1bcc  Number of processors: 8
14:49:35.0707 0x1bcc  Page size: 0x1000
14:49:35.0707 0x1bcc  Boot type: Normal boot
14:49:35.0707 0x1bcc  ============================================================
14:49:38.0124 0x1bcc  KLMD registered as C:\Windows\system32\drivers\39501581.sys
14:49:38.0906 0x1bcc  System UUID: {8062337D-D6D3-01A1-62AC-43566FEF0ED9}
14:49:39.0237 0x1bcc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:39.0242 0x1bcc  ============================================================
14:49:39.0242 0x1bcc  \Device\Harddisk0\DR0:
14:49:39.0242 0x1bcc  MBR partitions:
14:49:39.0242 0x1bcc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x3B90F4
14:49:39.0242 0x1bcc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B9800, BlocksNum 0x1CC00000
14:49:39.0242 0x1bcc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CFB9800, BlocksNum 0x1D3CB800
14:49:39.0242 0x1bcc  ============================================================
14:49:39.0272 0x1bcc  C: <-> \Device\Harddisk0\DR0\Partition2
14:49:39.0316 0x1bcc  F: <-> \Device\Harddisk0\DR0\Partition3
14:49:39.0316 0x1bcc  ============================================================
14:49:39.0316 0x1bcc  Initialize success
14:49:39.0316 0x1bcc  ============================================================
14:51:11.0692 0x1738  ============================================================
14:51:11.0692 0x1738  Scan started
14:51:11.0692 0x1738  Mode: Manual; SigCheck; TDLFS; 
14:51:11.0692 0x1738  ============================================================
14:51:11.0692 0x1738  KSN ping started
14:51:38.0198 0x1738  KSN ping finished: true
14:51:39.0593 0x1738  ================ Scan system memory ========================
14:51:39.0593 0x1738  System memory - ok
14:51:39.0593 0x1738  ================ Scan services =============================
14:51:39.0723 0x1738  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:51:39.0758 0x1738  1394ohci - ok
14:51:39.0798 0x1738  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:51:39.0808 0x1738  ACPI - ok
14:51:39.0823 0x1738  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:51:39.0848 0x1738  AcpiPmi - ok
14:51:39.0958 0x1738  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:51:39.0963 0x1738  AdobeARMservice - ok
14:51:40.0088 0x1738  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:51:40.0098 0x1738  AdobeFlashPlayerUpdateSvc - ok
14:51:40.0143 0x1738  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:51:40.0153 0x1738  adp94xx - ok
14:51:40.0183 0x1738  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:51:40.0198 0x1738  adpahci - ok
14:51:40.0208 0x1738  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:51:40.0218 0x1738  adpu320 - ok
14:51:40.0258 0x1738  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:51:40.0263 0x1738  AeLookupSvc - ok
14:51:40.0313 0x1738  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
14:51:40.0328 0x1738  AFD - ok
14:51:40.0363 0x1738  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:51:40.0373 0x1738  agp440 - ok
14:51:40.0408 0x1738  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:51:40.0418 0x1738  ALG - ok
14:51:40.0448 0x1738  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:51:40.0453 0x1738  aliide - ok
14:51:40.0468 0x1738  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:51:40.0478 0x1738  amdide - ok
14:51:40.0513 0x1738  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:51:40.0523 0x1738  AmdK8 - ok
14:51:40.0538 0x1738  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:51:40.0548 0x1738  AmdPPM - ok
14:51:40.0583 0x1738  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:51:40.0588 0x1738  amdsata - ok
14:51:40.0623 0x1738  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:51:40.0633 0x1738  amdsbs - ok
14:51:40.0653 0x1738  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:51:40.0658 0x1738  amdxata - ok
14:51:40.0728 0x1738  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
14:51:40.0733 0x1738  AppHostSvc - ok
14:51:40.0783 0x1738  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
14:51:40.0793 0x1738  AppID - ok
14:51:40.0818 0x1738  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:51:40.0823 0x1738  AppIDSvc - ok
14:51:40.0873 0x1738  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
14:51:40.0883 0x1738  Appinfo - ok
14:51:40.0923 0x1738  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:51:40.0948 0x1738  AppMgmt - ok
14:51:40.0988 0x1738  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:51:40.0993 0x1738  arc - ok
14:51:41.0068 0x1738  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:51:41.0078 0x1738  arcsas - ok
14:51:41.0183 0x1738  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:51:41.0208 0x1738  aspnet_state - ok
14:51:41.0243 0x1738  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:51:41.0263 0x1738  AsyncMac - ok
14:51:41.0288 0x1738  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:51:41.0298 0x1738  atapi - ok
14:51:41.0343 0x1738  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:51:41.0363 0x1738  AudioEndpointBuilder - ok
14:51:41.0388 0x1738  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:51:41.0403 0x1738  AudioSrv - ok
14:51:41.0433 0x1738  [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
14:51:41.0443 0x1738  Avgdiska - ok
14:51:41.0473 0x1738  [ CA10D51653068DB6A0ADEEDDC4946C47, 6E731B28C38ED2BA48CF4855EBBF8B548D45C8DB8ABD9521E5516227CA68072B ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
14:51:41.0483 0x1738  Avgfwfd - ok
14:51:41.0573 0x1738  [ 5D589ACCB1D1E03DC251FD34A6F1E0AA, 023502B77251F726CCBEAC96E922273B0B1D4304271326AC4DBAC5A202832C43 ] avgfws          C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
14:51:41.0608 0x1738  avgfws - ok
14:51:41.0688 0x1738  [ 015F62C2F215D153DC2F403CA612328E, B77921AB0E37BBB872579A748A085AA28E150E182AFEC9058B5F7775D5F761E1 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
14:51:41.0743 0x1738  AVGIDSAgent - ok
14:51:41.0778 0x1738  [ E7E1A0AB30587BF3734A2EC66BBCE743, F2D662A2CC29B9B8C1D7AA3424CAAB18A78C60E9557D992EF14BC15DB1438B54 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:51:41.0788 0x1738  AVGIDSDriver - ok
14:51:41.0803 0x1738  [ 6805C3630FD401721200A9198553F09E, D81E5C126AFB9A51499C5794E9586175541D27B3A24FA24CDB5D1EFE43097FC6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
14:51:41.0813 0x1738  AVGIDSHA - ok
14:51:41.0853 0x1738  [ 5980222218A0773E2994E524E5BA2464, 56B39A8FFBB87B898D7206DE4BCD1E51D64A38588BFFD264CD75A2CAC19E911A ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
14:51:41.0863 0x1738  Avgldx64 - ok
14:51:41.0908 0x1738  [ C16CBC8EF6D8CC426F6C18D450A016A7, A8011DDBA41AAA3466280732D45119C410753E3E4EFDB6C62AFAF35C72B7D38E ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
14:51:41.0918 0x1738  Avgloga - ok
14:51:41.0948 0x1738  [ 3BEAEEFEFF30C99EA22D0F3942291433, C2FC7AAA298E4FEBD84F6438ACCC3F483486B74F40C7228128D31BB1BED9853A ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
14:51:41.0958 0x1738  Avgmfx64 - ok
14:51:41.0983 0x1738  [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
14:51:41.0988 0x1738  Avgrkx64 - ok
14:51:42.0008 0x1738  [ 0D9C55812B8F8FD8F073AC6C1AF2DFE6, A9880A6BB17E168330AD7C0FD6ABB4DA0D1FD7753A2EA31F2DBD015B0B84ED40 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
14:51:42.0023 0x1738  Avgtdia - ok
14:51:42.0068 0x1738  [ CE51A17F0F8CBC0A0EB20B4BA3A48937, D807C8615347BB1ED367AB903855EC46D2A3CF45385076AAEE3AAA9ABE4B2240 ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
14:51:42.0078 0x1738  avgwd - ok
14:51:42.0163 0x1738  [ F161CF8F628130B464E6A908723D488C, 95D40B679C132989B6031CC566235033400DA88006CF258F1CEFFB0D105E3B5B ] AVMPowerlineService F:\Programme\Fritz\PowerlineService.exe
14:51:42.0168 0x1738  AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 )
14:51:43.0784 0x085c  Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
14:51:44.0694 0x1738  Detect skipped due to KSN trusted
14:51:44.0694 0x1738  AVMPowerlineService - ok
14:51:44.0779 0x1738  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:51:44.0794 0x1738  AxInstSV - ok
14:51:44.0839 0x1738  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:51:44.0854 0x1738  b06bdrv - ok
14:51:44.0879 0x1738  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:51:44.0889 0x1738  b57nd60a - ok
14:51:44.0904 0x1738  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:51:44.0914 0x1738  BDESVC - ok
14:51:44.0934 0x1738  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:51:44.0969 0x1738  Beep - ok
14:51:45.0024 0x1738  [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:51:45.0024 0x1738  BEService - detected UnsignedFile.Multi.Generic ( 1 )
14:51:46.0384 0x085c  Object send P2P result: true
14:51:47.0564 0x1738  BEService ( UnsignedFile.Multi.Generic ) - warning
14:51:50.0471 0x1738  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:51:50.0491 0x1738  BFE - ok
14:51:50.0535 0x1738  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:51:50.0602 0x1738  BITS - ok
14:51:50.0632 0x1738  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:51:50.0637 0x1738  blbdrive - ok
14:51:50.0657 0x1738  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:51:50.0667 0x1738  bowser - ok
14:51:50.0687 0x1738  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:51:50.0697 0x1738  BrFiltLo - ok
14:51:50.0702 0x1738  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:51:50.0712 0x1738  BrFiltUp - ok
14:51:50.0757 0x1738  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:51:50.0767 0x1738  Browser - ok
14:51:50.0789 0x1738  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:51:50.0799 0x1738  Brserid - ok
14:51:50.0809 0x1738  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:51:50.0819 0x1738  BrSerWdm - ok
14:51:50.0839 0x1738  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:51:50.0849 0x1738  BrUsbMdm - ok
14:51:50.0869 0x1738  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:51:50.0878 0x1738  BrUsbSer - ok
14:51:51.0043 0x1738  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:51:51.0048 0x1738  BthEnum - ok
14:51:51.0073 0x1738  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:51:51.0088 0x1738  BTHMODEM - ok
14:51:51.0118 0x1738  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:51:51.0128 0x1738  BthPan - ok
14:51:51.0158 0x1738  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:51:51.0173 0x1738  BTHPORT - ok
14:51:51.0198 0x1738  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:51:51.0218 0x1738  bthserv - ok
14:51:51.0228 0x1738  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:51:51.0233 0x1738  BTHUSB - ok
14:51:51.0263 0x1738  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:51:51.0288 0x1738  cdfs - ok
14:51:51.0333 0x1738  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:51:51.0343 0x1738  cdrom - ok
14:51:51.0368 0x1738  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:51:51.0388 0x1738  CertPropSvc - ok
14:51:51.0463 0x1738  [ 8010F7A8C5CCD34120542DB3E0A37A14, F44922EEB9EDF527349BFC226B24AF1231EFE5BB1A6D4A4916B086CEB19092C1 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
14:51:51.0468 0x1738  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
14:51:53.0959 0x1738  chip1click ( UnsignedFile.Multi.Generic ) - warning
14:51:56.0585 0x1738  [ 12DFF15C9BE0292E4B0A455BD7DEB021, 754A593782D638DCA7AA969138305FA3E5E8352882F15C5BAF958AFFA5BDF328 ] chromoting      C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
14:51:56.0590 0x1738  chromoting - ok
14:51:56.0615 0x1738  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:51:56.0625 0x1738  circlass - ok
14:51:56.0675 0x1738  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:51:56.0685 0x1738  CLFS - ok
14:51:56.0735 0x1738  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:51:56.0775 0x1738  clr_optimization_v2.0.50727_32 - ok
14:51:56.0810 0x1738  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:51:56.0817 0x1738  clr_optimization_v2.0.50727_64 - ok
14:51:56.0897 0x1738  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:51:56.0922 0x1738  clr_optimization_v4.0.30319_32 - ok
14:51:56.0937 0x1738  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:51:56.0957 0x1738  clr_optimization_v4.0.30319_64 - ok
14:51:56.0982 0x1738  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:51:56.0987 0x1738  CmBatt - ok
14:51:57.0042 0x1738  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:51:57.0047 0x1738  cmdide - ok
14:51:57.0167 0x1738  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:51:57.0182 0x1738  CNG - ok
14:51:57.0247 0x1738  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:51:57.0252 0x1738  Compbatt - ok
14:51:57.0292 0x1738  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:51:57.0302 0x1738  CompositeBus - ok
14:51:57.0322 0x1738  COMSysApp - ok
14:51:58.0515 0x1738  [ 4D6AED006B4EE831C391D617EA725391, 7AAD2A6ED75CCACE0D143BBDFCD6848D21DF3EF899129EDE1918EB1C93626BE8 ] CoordinatorServiceHost F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
14:51:58.0520 0x1738  CoordinatorServiceHost - ok
14:51:58.0685 0x1738  [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:51:58.0695 0x1738  cphs - ok
14:51:58.0755 0x1738  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:51:58.0765 0x1738  crcdisk - ok
14:51:58.0840 0x1738  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:51:58.0850 0x1738  CryptSvc - ok
14:51:58.0875 0x1738  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:51:58.0890 0x1738  CSC - ok
14:51:58.0925 0x1738  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:51:58.0940 0x1738  CscService - ok
14:51:58.0990 0x1738  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:51:59.0005 0x1738  DcomLaunch - ok
14:51:59.0015 0x1738  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:51:59.0040 0x1738  defragsvc - ok
14:51:59.0055 0x1738  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:51:59.0075 0x1738  DfsC - ok
14:51:59.0100 0x1738  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:51:59.0120 0x1738  Dhcp - ok
14:51:59.0200 0x1738  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:51:59.0230 0x1738  DiagTrack - ok
14:51:59.0270 0x1738  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:51:59.0290 0x1738  discache - ok
14:51:59.0345 0x1738  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
14:51:59.0350 0x1738  Disk - ok
14:51:59.0365 0x1738  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:51:59.0375 0x1738  dmvsc - ok
14:51:59.0395 0x1738  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:51:59.0405 0x1738  Dnscache - ok
14:51:59.0420 0x1738  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:51:59.0445 0x1738  dot3svc - ok
14:51:59.0480 0x1738  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:51:59.0500 0x1738  DPS - ok
14:51:59.0550 0x1738  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:51:59.0560 0x1738  drmkaud - ok
14:51:59.0590 0x1738  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:51:59.0600 0x1738  dtsoftbus01 - ok
14:51:59.0660 0x1738  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:51:59.0680 0x1738  DXGKrnl - ok
14:51:59.0705 0x1738  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
14:51:59.0715 0x1738  E1G60 - ok
14:51:59.0747 0x1738  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:51:59.0767 0x1738  EapHost - ok
14:51:59.0847 0x1738  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:51:59.0902 0x1738  ebdrv - ok
14:51:59.0932 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS             C:\Windows\System32\lsass.exe
14:51:59.0937 0x1738  EFS - ok
14:51:59.0998 0x1738  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:52:00.0028 0x1738  ehRecvr - ok
14:52:00.0033 0x1738  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:52:00.0043 0x1738  ehSched - ok
14:52:00.0083 0x1738  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:52:00.0093 0x1738  elxstor - ok
14:52:00.0113 0x1738  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:52:00.0118 0x1738  ErrDev - ok
14:52:00.0158 0x1738  [ 39EC51A5BC3E1C0D438E8AC70956DE0A, 456AE9C6E059442CA627AAB667CA498AA6F6A6812A177DCCB36D9CC24F11231A ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
14:52:00.0168 0x1738  ETD - ok
14:52:00.0218 0x1738  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:52:00.0243 0x1738  EventSystem - ok
14:52:00.0283 0x1738  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:52:00.0308 0x1738  exfat - ok
14:52:00.0343 0x1738  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:52:00.0363 0x1738  fastfat - ok
14:52:00.0408 0x1738  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:52:00.0428 0x1738  Fax - ok
14:52:00.0443 0x1738  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
14:52:00.0448 0x1738  fdc - ok
14:52:00.0478 0x1738  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:52:00.0503 0x1738  fdPHost - ok
14:52:00.0503 0x1738  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:52:00.0528 0x1738  FDResPub - ok
14:52:00.0548 0x1738  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:52:00.0558 0x1738  FileInfo - ok
14:52:00.0563 0x1738  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:52:00.0588 0x1738  Filetrace - ok
14:52:00.0703 0x1738  [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
14:52:00.0723 0x1738  FlexNet Licensing Service - ok
14:52:00.0813 0x1738  [ 668D43EFEB7F129584100CF6320E8A6F, 093254127A63420F93001BA63CF323AA4C17A38914D5B991E31F3B8C1971E9D7 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
14:52:00.0838 0x1738  FlexNet Licensing Service 64 - ok
14:52:00.0853 0x1738  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:52:00.0858 0x1738  flpydisk - ok
14:52:00.0878 0x1738  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:52:00.0888 0x1738  FltMgr - ok
14:52:00.0953 0x1738  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
14:52:00.0978 0x1738  FontCache - ok
14:52:01.0008 0x1738  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:52:01.0013 0x1738  FontCache3.0.0.0 - ok
14:52:01.0028 0x1738  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:52:01.0033 0x1738  FsDepends - ok
14:52:01.0058 0x1738  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:52:01.0068 0x1738  Fs_Rec - ok
14:52:01.0098 0x1738  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:52:01.0113 0x1738  fvevol - ok
14:52:01.0148 0x1738  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:52:01.0158 0x1738  gagp30kx - ok
14:52:01.0243 0x1738  [ CBD39E74C61C3A3EF695DB25792F32E6, 95454F245DB818227BFE92EBA927A68FA78FB87E7BF5C28761046FF36C56CF32 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:52:01.0268 0x1738  GfExperienceService - ok
14:52:01.0313 0x1738  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:52:01.0343 0x1738  gpsvc - ok
14:52:01.0393 0x1738  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:01.0403 0x1738  gupdate - ok
14:52:01.0403 0x1738  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:01.0408 0x1738  gupdatem - ok
14:52:01.0448 0x1738  [ 9D327D726F1F805CCC33AD7D40B01747, 4EC94313FE623D478D66686E4028D3D100704B1E4E54B45224E3817D01CFF631 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:52:01.0458 0x1738  hamachi - ok
14:52:01.0498 0x1738  Hamachi2Svc - ok
14:52:01.0548 0x1738  [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
14:52:01.0558 0x1738  hcmon - ok
14:52:01.0573 0x1738  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:52:01.0583 0x1738  hcw85cir - ok
14:52:01.0623 0x1738  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:52:01.0638 0x1738  HdAudAddService - ok
14:52:01.0648 0x1738  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:52:01.0658 0x1738  HDAudBus - ok
14:52:01.0673 0x1738  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:52:01.0683 0x1738  HidBatt - ok
14:52:01.0693 0x1738  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:52:01.0703 0x1738  HidBth - ok
14:52:01.0723 0x1738  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:52:01.0733 0x1738  HidIr - ok
14:52:01.0758 0x1738  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:52:01.0778 0x1738  hidserv - ok
14:52:01.0823 0x1738  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:52:01.0833 0x1738  HidUsb - ok
14:52:01.0868 0x1738  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:52:01.0888 0x1738  hkmsvc - ok
14:52:01.0903 0x1738  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:52:01.0918 0x1738  HomeGroupListener - ok
14:52:01.0928 0x1738  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:52:01.0938 0x1738  HomeGroupProvider - ok
14:52:01.0983 0x1738  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:52:01.0988 0x1738  HpSAMD - ok
14:52:02.0053 0x1738  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:52:02.0073 0x1738  HTTP - ok
14:52:02.0088 0x1738  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:52:02.0098 0x1738  hwpolicy - ok
14:52:02.0103 0x1738  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:52:02.0113 0x1738  i8042prt - ok
14:52:02.0148 0x1738  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:52:02.0163 0x1738  iaStorV - ok
14:52:02.0218 0x1738  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:52:02.0238 0x1738  idsvc - ok
14:52:02.0248 0x1738  IEEtwCollectorService - ok
14:52:02.0798 0x1738  [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:52:02.0878 0x1738  igfx - ok
14:52:02.0923 0x1738  [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
14:52:02.0938 0x1738  igfxCUIService1.0.0.0 - ok
14:52:02.0968 0x1738  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:52:02.0973 0x1738  iirsp - ok
14:52:03.0033 0x1738  [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe
14:52:03.0043 0x1738  IISADMIN - ok
14:52:03.0133 0x1738  [ C5E4602D85029C666A42890A3B2DFA45, 0D462704C507A83CB447AA0DF8A9FFAE2A16DD2D6882798E26C03F8B2C8A2C62 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
14:52:03.0138 0x1738  IJPLMSVC - ok
14:52:03.0178 0x1738  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:52:03.0198 0x1738  IKEEXT - ok
14:52:03.0313 0x1738  [ D739148367AAE1DA0C12160DE141ECED, 471E6EA03F2BD7DD1E2812B56EFB00EDDCAA87E974833B75114B8EE93DC358A5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:52:03.0368 0x1738  IntcAzAudAddService - ok
14:52:03.0408 0x1738  [ 9D01DDF5EA8494BBCBB73FF385E35D35, C575DC65275BEA8558A855C7DC6CFA84BD7F48D24BB0C522084E89DDC5CB02A7 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:52:03.0423 0x1738  IntcDAud - ok
14:52:03.0453 0x1738  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:52:03.0458 0x1738  intelide - ok
14:52:03.0478 0x1738  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:52:03.0488 0x1738  intelppm - ok
14:52:03.0523 0x1738  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:52:03.0548 0x1738  IPBusEnum - ok
14:52:03.0558 0x1738  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:52:03.0578 0x1738  IpFilterDriver - ok
14:52:03.0638 0x1738  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:52:03.0653 0x1738  iphlpsvc - ok
14:52:03.0668 0x1738  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:52:03.0678 0x1738  IPMIDRV - ok
14:52:03.0693 0x1738  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:52:03.0718 0x1738  IPNAT - ok
14:52:03.0748 0x1738  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:52:03.0758 0x1738  IRENUM - ok
14:52:03.0773 0x1738  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:52:03.0778 0x1738  isapnp - ok
14:52:03.0813 0x1738  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:52:03.0823 0x1738  iScsiPrt - ok
14:52:03.0843 0x1738  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:52:03.0850 0x1738  kbdclass - ok
14:52:03.0871 0x1738  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:52:03.0876 0x1738  kbdhid - ok
14:52:03.0896 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso          C:\Windows\system32\lsass.exe
14:52:03.0906 0x1738  KeyIso - ok
14:52:03.0936 0x1738  [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:52:03.0946 0x1738  KSecDD - ok
14:52:03.0956 0x1738  [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:52:03.0961 0x1738  KSecPkg - ok
14:52:03.0971 0x1738  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:52:03.0991 0x1738  ksthunk - ok
14:52:04.0026 0x1738  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:52:04.0051 0x1738  KtmRm - ok
14:52:04.0091 0x1738  [ A6131EE7C440992458688C7D0989C584, 94FEB4A6677262BAA590F77329141D9F539D3466D6E9473D639880AA6D5A103C ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:52:04.0096 0x1738  L1C - ok
14:52:04.0156 0x1738  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
14:52:04.0166 0x1738  LADF_CaptureOnly - ok
14:52:04.0181 0x1738  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
14:52:04.0191 0x1738  LADF_RenderOnly - ok
14:52:04.0226 0x1738  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:52:04.0251 0x1738  LanmanServer - ok
14:52:04.0291 0x1738  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:52:04.0316 0x1738  LanmanWorkstation - ok
14:52:04.0376 0x1738  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
14:52:04.0386 0x1738  LGBusEnum - ok
14:52:04.0401 0x1738  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\Windows\system32\drivers\LGJoyXlCore.sys
14:52:04.0411 0x1738  LGJoyXlCore - ok
14:52:04.0441 0x1738  [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt      C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
14:52:04.0446 0x1738  LGSUsbFilt - ok
14:52:04.0491 0x1738  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
14:52:04.0501 0x1738  LGVirHid - ok
14:52:04.0531 0x1738  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:52:04.0556 0x1738  lltdio - ok
14:52:04.0591 0x1738  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:52:04.0616 0x1738  lltdsvc - ok
14:52:04.0641 0x1738  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:52:04.0666 0x1738  lmhosts - ok
14:52:04.0691 0x1738  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:52:04.0696 0x1738  LSI_FC - ok
14:52:04.0726 0x1738  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:52:04.0736 0x1738  LSI_SAS - ok
14:52:04.0746 0x1738  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:52:04.0751 0x1738  LSI_SAS2 - ok
14:52:04.0761 0x1738  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:52:04.0771 0x1738  LSI_SCSI - ok
14:52:04.0796 0x1738  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:52:04.0821 0x1738  luafv - ok
14:52:04.0841 0x1738  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
14:52:04.0846 0x1738  MBfilt - ok
14:52:04.0875 0x1738  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:52:04.0885 0x1738  Mcx2Svc - ok
14:52:04.0905 0x1738  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:52:04.0915 0x1738  megasas - ok
14:52:04.0935 0x1738  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:52:04.0945 0x1738  MegaSR - ok
14:52:04.0980 0x1738  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:52:04.0990 0x1738  MEIx64 - ok
14:52:05.0000 0x1738  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:52:05.0025 0x1738  MMCSS - ok
14:52:05.0035 0x1738  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:52:05.0055 0x1738  Modem - ok
14:52:05.0070 0x1738  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:52:05.0080 0x1738  monitor - ok
14:52:05.0105 0x1738  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:52:05.0110 0x1738  mouclass - ok
14:52:05.0130 0x1738  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:52:05.0135 0x1738  mouhid - ok
14:52:05.0175 0x1738  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:52:05.0185 0x1738  mountmgr - ok
14:52:05.0265 0x1738  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:52:05.0275 0x1738  MozillaMaintenance - ok
14:52:05.0305 0x1738  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:52:05.0315 0x1738  mpio - ok
14:52:05.0330 0x1738  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:52:05.0350 0x1738  mpsdrv - ok
14:52:05.0390 0x1738  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:52:05.0420 0x1738  MpsSvc - ok
14:52:05.0455 0x1738  [ CD22D2563039DDA6793F7624719363A7, 82C91467EDCB61B1DD086A1D25925E4D89E43EF6EFAE3C59AFF3D73280119AF6 ] MQAC            C:\Windows\system32\drivers\mqac.sys
14:52:05.0465 0x1738  MQAC - ok
14:52:05.0490 0x1738  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:52:05.0500 0x1738  MRxDAV - ok
14:52:05.0530 0x1738  [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:52:05.0540 0x1738  mrxsmb - ok
14:52:05.0575 0x1738  [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:52:05.0585 0x1738  mrxsmb10 - ok
14:52:05.0615 0x1738  [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:52:05.0625 0x1738  mrxsmb20 - ok
14:52:05.0655 0x1738  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:52:05.0660 0x1738  msahci - ok
14:52:05.0690 0x1738  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:52:05.0700 0x1738  msdsm - ok
14:52:05.0705 0x1738  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:52:05.0720 0x1738  MSDTC - ok
14:52:05.0755 0x1738  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:52:05.0775 0x1738  Msfs - ok
14:52:05.0785 0x1738  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:52:05.0805 0x1738  mshidkmdf - ok
14:52:05.0810 0x1738  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:52:05.0820 0x1738  msisadrv - ok
14:52:05.0855 0x1738  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:52:05.0880 0x1738  MSiSCSI - ok
14:52:05.0880 0x1738  msiserver - ok
14:52:05.0900 0x1738  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:52:05.0920 0x1738  MSKSSRV - ok
14:52:05.0965 0x1738  [ FAAEAEF99E53561BEEE58F946CA56F0D, 78AC692C4B80616E4C44ED20954B8D2FCE2215056C2ED3522123E5B50A7CE67A ] MSMQ            C:\Windows\system32\mqsvc.exe
14:52:05.0975 0x1738  MSMQ - ok
14:52:05.0990 0x1738  [ 59ED174FD4314B0218DC91F9BFA6CD3D, 13B95FA9892D09341CE46FA7EEB01FF9C88AA9DCB8FBF0A73FFAE567AAA4E02A ] MSMQTriggers    C:\Windows\system32\mqtgsvc.exe
14:52:06.0000 0x1738  MSMQTriggers - ok
14:52:06.0015 0x1738  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:52:06.0040 0x1738  MSPCLOCK - ok
14:52:06.0070 0x1738  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:52:06.0095 0x1738  MSPQM - ok
14:52:06.0110 0x1738  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:52:06.0120 0x1738  MsRPC - ok
14:52:06.0138 0x1738  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:52:06.0145 0x1738  mssmbios - ok
14:52:06.0152 0x1738  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:52:06.0170 0x1738  MSTEE - ok
14:52:06.0180 0x1738  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:52:06.0190 0x1738  MTConfig - ok
14:52:06.0200 0x1738  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:52:06.0210 0x1738  Mup - ok
14:52:06.0240 0x1738  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:52:06.0265 0x1738  napagent - ok
14:52:06.0290 0x1738  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:52:06.0305 0x1738  NativeWifiP - ok
14:52:06.0350 0x1738  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:52:06.0370 0x1738  NDIS - ok
14:52:06.0385 0x1738  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:52:06.0405 0x1738  NdisCap - ok
14:52:06.0430 0x1738  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:52:06.0450 0x1738  NdisTapi - ok
14:52:06.0465 0x1738  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:52:06.0485 0x1738  Ndisuio - ok
14:52:06.0495 0x1738  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:52:06.0520 0x1738  NdisWan - ok
14:52:06.0530 0x1738  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:52:06.0555 0x1738  NDProxy - ok
14:52:06.0570 0x1738  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:52:06.0590 0x1738  NetBIOS - ok
14:52:06.0605 0x1738  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:52:06.0630 0x1738  NetBT - ok
14:52:06.0650 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\Windows\system32\lsass.exe
14:52:06.0660 0x1738  Netlogon - ok
14:52:06.0695 0x1738  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:52:06.0720 0x1738  Netman - ok
14:52:06.0785 0x1738  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0795 0x1738  NetMsmqActivator - ok
14:52:06.0800 0x1738  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0810 0x1738  NetPipeActivator - ok
14:52:06.0835 0x1738  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:52:06.0860 0x1738  netprofm - ok
14:52:06.0875 0x1738  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0885 0x1738  NetTcpActivator - ok
14:52:06.0890 0x1738  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0900 0x1738  NetTcpPortSharing - ok
14:52:06.0920 0x1738  [ 1D0FA98056D436B14C2BBBF450B59866, 51B796C9AE64079A9F07FD0645488043B942A141CB2FFAB3D36010FFF4BA770F ] networx         C:\Windows\system32\drivers\networx.sys
14:52:06.0930 0x1738  networx - ok
14:52:06.0965 0x1738  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:52:06.0970 0x1738  nfrd960 - ok
14:52:07.0111 0x1738  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:52:07.0121 0x1738  NlaSvc - ok
14:52:07.0361 0x1738  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
14:52:07.0366 0x1738  npf - ok
14:52:07.0381 0x1738  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:52:07.0421 0x1738  Npfs - ok
14:52:07.0431 0x1738  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:52:07.0451 0x1738  nsi - ok
14:52:07.0501 0x1738  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:52:07.0521 0x1738  nsiproxy - ok
14:52:07.0681 0x1738  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:52:07.0716 0x1738  Ntfs - ok
14:52:07.0741 0x1738  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:52:07.0766 0x1738  Null - ok
14:52:08.0261 0x1738  [ DA35308DEDB50C91EFD46B42F991DE26, 86E72D446014ED655E3DD2BB85A1A21BF0BF3C0EE5266E8E3D893FCDE25F9BE4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:52:08.0451 0x1738  nvlddmkm - ok
14:52:08.0541 0x1738  [ 855093AFA0B795914D6DD5EF4796D38C, A19B94449DBA50BCC2C09D42DEA1BF29CEF3C79B8F7F384904189A579AAA85A0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:52:08.0576 0x1738  NvNetworkService - ok
14:52:08.0606 0x1738  [ 125610D6C319C94D161CF58D525F6E68, 6148EC12096219466C7969B8AD790F97A20B5033C7B212E8EACD74AB85BBD7F9 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
14:52:08.0611 0x1738  nvpciflt - ok
14:52:08.0651 0x1738  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:52:08.0656 0x1738  nvraid - ok
14:52:08.0686 0x1738  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:52:08.0691 0x1738  nvstor - ok
14:52:08.0766 0x1738  [ BD96CA245DA2933BB68605D0C2075A72, E406CD97FA1A640C1C5FE01B360A0A9DED6E696F2765E395C16AAFF59F24B7B4 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:52:08.0776 0x1738  NvStreamKms - ok
14:52:08.0946 0x1738  [ CF27CDA72455B4A7853ED98CFC57218A, D66C3AECF8AAE38ED2DAFF9ABB38FE0301A85375250A8CDEF50F68DECE8BBC64 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
14:52:09.0046 0x1738  NvStreamNetworkSvc - ok
14:52:09.0171 0x1738  [ 40BA84AD3348573609095D8F3FD2DA9F, FF68F2352AFCB8C278A2E704F3E9DCC4393299DEAECD9ACF96F2D7FD9830EDF1 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:52:09.0251 0x1738  NvStreamSvc - ok
14:52:09.0306 0x1738  [ A9FE27CA00E66C455520E8B75883B630, D2FEFC75C0881ECC0A80EA2DD92DD9D2A28EB26F81085F8C17DCEA3F717D86E9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:52:09.0331 0x1738  nvsvc - ok
14:52:09.0361 0x1738  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:52:09.0366 0x1738  nvvad_WaveExtensible - ok
14:52:09.0391 0x1738  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:52:09.0401 0x1738  nv_agp - ok
14:52:09.0421 0x1738  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:52:09.0431 0x1738  ohci1394 - ok
14:52:09.0511 0x1738  [ 4DE56CE5F4F191C6F040B6C8AA776794, 19E61A561AEE7B49C6B0915EE0FA66047930D46B5FF233608F368A5FF824A156 ] OpenVPNService  F:\Programme\OpenVPN\bin\openvpnserv.exe
14:52:09.0516 0x1738  OpenVPNService - ok
14:52:09.0566 0x1738  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:52:09.0576 0x1738  ose - ok
14:52:09.0681 0x1738  [ 705E5D37BDCB2236923E517D8338F587, D2A2605F15A12B65ED8EA0A0F818368D440FD7C9C8C4F6D28092D671A51C86DB ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
14:52:09.0701 0x1738  OverwolfUpdater - ok
14:52:09.0726 0x1738  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:52:09.0741 0x1738  p2pimsvc - ok
14:52:09.0776 0x1738  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:52:09.0786 0x1738  p2psvc - ok
14:52:09.0811 0x1738  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:52:09.0821 0x1738  Parport - ok
14:52:09.0841 0x1738  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:52:09.0851 0x1738  partmgr - ok
14:52:09.0921 0x1738  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:52:09.0936 0x1738  PcaSvc - ok
14:52:09.0996 0x1738  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:52:10.0006 0x1738  pci - ok
14:52:10.0021 0x1738  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:52:10.0031 0x1738  pciide - ok
14:52:10.0051 0x1738  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:52:10.0061 0x1738  pcmcia - ok
14:52:10.0066 0x1738  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:52:10.0076 0x1738  pcw - ok
14:52:10.0121 0x1738  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:52:10.0141 0x1738  PEAUTH - ok
14:52:10.0191 0x1738  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:52:10.0221 0x1738  PeerDistSvc - ok
14:52:10.0291 0x1738  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:52:10.0301 0x1738  PerfHost - ok
14:52:10.0341 0x1738  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:52:10.0381 0x1738  pla - ok
14:52:10.0431 0x1738  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:52:10.0446 0x1738  PlugPlay - ok
14:52:10.0451 0x1738  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:52:10.0461 0x1738  PNRPAutoReg - ok
14:52:10.0481 0x1738  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:52:10.0496 0x1738  PNRPsvc - ok
14:52:10.0531 0x1738  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:52:10.0561 0x1738  PolicyAgent - ok
14:52:10.0576 0x1738  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:52:10.0601 0x1738  Power - ok
14:52:10.0626 0x1738  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:52:10.0646 0x1738  PptpMiniport - ok
14:52:10.0656 0x1738  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:52:10.0666 0x1738  Processor - ok
14:52:10.0681 0x1738  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:52:10.0691 0x1738  ProfSvc - ok
14:52:10.0706 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:52:10.0711 0x1738  ProtectedStorage - ok
14:52:10.0741 0x1738  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:52:10.0761 0x1738  Psched - ok
14:52:10.0816 0x1738  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:52:10.0846 0x1738  ql2300 - ok
14:52:10.0872 0x1738  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:52:10.0882 0x1738  ql40xx - ok
14:52:10.0907 0x1738  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:52:10.0922 0x1738  QWAVE - ok
14:52:10.0932 0x1738  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:52:10.0942 0x1738  QWAVEdrv - ok
14:52:10.0952 0x1738  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:52:10.0977 0x1738  RasAcd - ok
14:52:11.0012 0x1738  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:52:11.0032 0x1738  RasAgileVpn - ok
14:52:11.0058 0x1738  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:52:11.0081 0x1738  RasAuto - ok
14:52:11.0091 0x1738  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:52:11.0116 0x1738  Rasl2tp - ok
14:52:11.0136 0x1738  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:52:11.0161 0x1738  RasMan - ok
14:52:11.0176 0x1738  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:52:11.0196 0x1738  RasPppoe - ok
14:52:11.0211 0x1738  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:52:11.0236 0x1738  RasSstp - ok
14:52:11.0261 0x1738  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:52:11.0286 0x1738  rdbss - ok
14:52:11.0301 0x1738  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:52:11.0308 0x1738  rdpbus - ok
14:52:11.0354 0x1738  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:52:11.0379 0x1738  RDPCDD - ok
14:52:11.0402 0x1738  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:52:11.0412 0x1738  RDPDR - ok
14:52:11.0417 0x1738  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:52:11.0437 0x1738  RDPENCDD - ok
14:52:11.0452 0x1738  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:52:11.0472 0x1738  RDPREFMP - ok
14:52:11.0538 0x1738  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:52:11.0546 0x1738  RdpVideoMiniport - ok
14:52:11.0567 0x1738  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:52:11.0579 0x1738  RDPWD - ok
14:52:11.0614 0x1738  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:52:11.0624 0x1738  rdyboost - ok
14:52:11.0646 0x1738  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:52:11.0668 0x1738  RemoteAccess - ok
14:52:11.0683 0x1738  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:52:11.0708 0x1738  RemoteRegistry - ok
14:52:11.0743 0x1738  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:52:11.0753 0x1738  RFCOMM - ok
14:52:11.0788 0x1738  [ 5BD6B1EC997FF3DD779D62E05D2079A8, BE4BDE29C134BAEDE4D35C777F2C6195F8C12FEF4583FAD2A442F8D1678B7FF7 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
14:52:11.0798 0x1738  RMCAST - ok
14:52:11.0808 0x1738  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:52:11.0828 0x1738  RpcEptMapper - ok
14:52:11.0843 0x1738  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:52:11.0853 0x1738  RpcLocator - ok
14:52:11.0885 0x1738  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
14:52:11.0905 0x1738  RpcSs - ok
14:52:11.0923 0x1738  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:52:11.0948 0x1738  rspndr - ok
14:52:11.0983 0x1738  [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
14:52:11.0993 0x1738  RSUSBSTOR - ok
14:52:12.0038 0x1738  [ F84917461BDB7C51B2ED7FF062B3A64A, 0DC81BA49BDDB4F425F526A21357E1CF70C94D67E99B3020E9FF14B680851EEC ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
14:52:12.0068 0x1738  RTWlanE - ok
14:52:12.0087 0x1738  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:52:12.0098 0x1738  s3cap - ok
14:52:12.0112 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs           C:\Windows\system32\lsass.exe
14:52:12.0119 0x1738  SamSs - ok
14:52:12.0138 0x1738  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:52:12.0148 0x1738  sbp2port - ok
14:52:12.0168 0x1738  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:52:12.0198 0x1738  SCardSvr - ok
14:52:12.0213 0x1738  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:52:12.0238 0x1738  scfilter - ok
14:52:12.0288 0x1738  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
14:52:12.0318 0x1738  Schedule - ok
14:52:12.0338 0x1738  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:52:12.0358 0x1738  SCPolicySvc - ok
14:52:12.0383 0x1738  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:52:12.0393 0x1738  SDRSVC - ok
14:52:12.0414 0x1738  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:52:12.0431 0x1738  secdrv - ok
14:52:12.0452 0x1738  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
14:52:12.0461 0x1738  seclogon - ok
14:52:12.0468 0x1738  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:52:12.0493 0x1738  SENS - ok
14:52:12.0503 0x1738  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:52:12.0512 0x1738  SensrSvc - ok
14:52:12.0521 0x1738  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:52:12.0530 0x1738  Serenum - ok
14:52:12.0551 0x1738  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:52:12.0561 0x1738  Serial - ok
14:52:12.0586 0x1738  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:52:12.0596 0x1738  sermouse - ok
14:52:12.0628 0x1738  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:52:12.0653 0x1738  SessionEnv - ok
14:52:12.0663 0x1738  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:52:12.0673 0x1738  sffdisk - ok
14:52:12.0683 0x1738  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:52:12.0692 0x1738  sffp_mmc - ok
14:52:12.0729 0x1738  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:52:12.0739 0x1738  sffp_sd - ok
14:52:12.0793 0x1738  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:52:12.0801 0x1738  sfloppy - ok
14:52:12.0924 0x1738  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:52:12.0952 0x1738  SharedAccess - ok
14:52:12.0985 0x1738  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:52:13.0014 0x1738  ShellHWDetection - ok
14:52:13.0042 0x1738  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:52:13.0050 0x1738  SiSRaid2 - ok
14:52:13.0068 0x1738  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:52:13.0075 0x1738  SiSRaid4 - ok
14:52:13.0160 0x1738  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:52:13.0172 0x1738  SkypeUpdate - ok
14:52:13.0199 0x1738  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:52:13.0223 0x1738  Smb - ok
14:52:13.0270 0x1738  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:52:13.0280 0x1738  SNMPTRAP - ok
14:52:13.0355 0x1738  [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
14:52:13.0359 0x1738  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:52:15.0960 0x1738  Detect skipped due to KSN trusted
14:52:15.0960 0x1738  SolidWorks Licensing Service - ok
14:52:16.0011 0x1738  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:52:16.0018 0x1738  spldr - ok
14:52:16.0054 0x1738  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:52:16.0071 0x1738  Spooler - ok
14:52:16.0166 0x1738  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:52:16.0243 0x1738  sppsvc - ok
14:52:16.0261 0x1738  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:52:16.0284 0x1738  sppuinotify - ok
14:52:16.0314 0x1738  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:52:16.0330 0x1738  srv - ok
14:52:16.0346 0x1738  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:52:16.0360 0x1738  srv2 - ok
14:52:16.0370 0x1738  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:52:16.0380 0x1738  srvnet - ok
14:52:16.0408 0x1738  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:52:16.0435 0x1738  SSDPSRV - ok
14:52:16.0444 0x1738  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:52:16.0469 0x1738  SstpSvc - ok
14:52:16.0547 0x1738  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:52:16.0564 0x1738  Steam Client Service - ok
14:52:16.0587 0x1738  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:52:16.0594 0x1738  stexstor - ok
14:52:16.0631 0x1738  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:52:16.0652 0x1738  stisvc - ok
14:52:16.0668 0x1738  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:52:16.0673 0x1738  storflt - ok
14:52:16.0703 0x1738  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
14:52:16.0712 0x1738  StorSvc - ok
14:52:16.0735 0x1738  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:52:16.0742 0x1738  storvsc - ok
14:52:16.0756 0x1738  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:52:16.0761 0x1738  swenum - ok
14:52:16.0786 0x1738  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:52:16.0816 0x1738  swprv - ok
14:52:16.0826 0x1738  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
14:52:16.0836 0x1738  Synth3dVsc - ok
14:52:16.0906 0x1738  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
14:52:16.0941 0x1738  SysMain - ok
14:52:16.0961 0x1738  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:52:16.0979 0x1738  TabletInputService - ok
14:52:17.0044 0x1738  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:52:17.0052 0x1738  tap0901 - ok
14:52:17.0090 0x1738  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:52:17.0116 0x1738  TapiSrv - ok
14:52:17.0230 0x1738  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:52:17.0264 0x1738  Tcpip - ok
14:52:17.0330 0x1738  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:52:17.0364 0x1738  TCPIP6 - ok
14:52:17.0389 0x1738  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:52:17.0399 0x1738  tcpipreg - ok
14:52:17.0424 0x1738  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:52:17.0434 0x1738  TDPIPE - ok
14:52:17.0454 0x1738  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:52:17.0464 0x1738  TDTCP - ok
14:52:17.0494 0x1738  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:52:17.0504 0x1738  tdx - ok
14:52:17.0679 0x1738  [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9     F:\Programme\Neuer Ordner\TeamViewer_Service.exe
14:52:17.0758 0x1738  TeamViewer9 - ok
14:52:17.0798 0x1738  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:52:17.0808 0x1738  TermDD - ok
14:52:17.0840 0x1738  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
14:52:17.0847 0x1738  terminpt - ok
14:52:17.0878 0x1738  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:52:17.0897 0x1738  TermService - ok
14:52:17.0912 0x1738  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:52:17.0924 0x1738  Themes - ok
14:52:17.0941 0x1738  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:52:17.0966 0x1738  THREADORDER - ok
14:52:18.0001 0x1738  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:52:18.0021 0x1738  TrkWks - ok
14:52:18.0136 0x1738  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:52:18.0156 0x1738  TrustedInstaller - ok
14:52:18.0210 0x1738  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:52:18.0215 0x1738  tssecsrv - ok
14:52:18.0245 0x1738  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:52:18.0255 0x1738  TsUsbFlt - ok
14:52:18.0285 0x1738  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:52:18.0295 0x1738  TsUsbGD - ok
14:52:18.0320 0x1738  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
14:52:18.0330 0x1738  tsusbhub - ok
14:52:18.0355 0x1738  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:52:18.0380 0x1738  tunnel - ok
14:52:18.0395 0x1738  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:52:18.0400 0x1738  uagp35 - ok
14:52:18.0420 0x1738  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:52:18.0445 0x1228  Object required for P2P: [ CF27CDA72455B4A7853ED98CFC57218A ] NvStreamNetworkSvc
14:52:18.0450 0x1738  udfs - ok
14:52:18.0470 0x1738  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:52:18.0480 0x1738  UI0Detect - ok
14:52:18.0500 0x1738  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:52:18.0510 0x1738  uliagpkx - ok
14:52:18.0530 0x1738  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:52:18.0540 0x1738  umbus - ok
14:52:18.0565 0x1738  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:52:18.0570 0x1738  UmPass - ok
14:52:18.0585 0x1738  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:52:18.0595 0x1738  UmRdpService - ok
14:52:18.0610 0x1738  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:52:18.0635 0x1738  upnphost - ok
14:52:18.0660 0x1738  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:52:18.0665 0x1738  usbaudio - ok
14:52:18.0710 0x1738  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:52:18.0715 0x1738  usbccgp - ok
14:52:18.0735 0x1738  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:52:18.0745 0x1738  usbcir - ok
14:52:18.0760 0x1738  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:52:18.0765 0x1738  usbehci - ok
14:52:18.0790 0x1738  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:52:18.0805 0x1738  usbhub - ok
14:52:18.0820 0x1738  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:52:18.0830 0x1738  usbohci - ok
14:52:18.0864 0x1738  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:52:18.0873 0x1738  usbprint - ok
14:52:18.0895 0x1738  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:52:18.0900 0x1738  usbscan - ok
14:52:18.0940 0x1738  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
14:52:18.0945 0x1738  usbser - ok
14:52:18.0975 0x1738  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:52:18.0985 0x1738  USBSTOR - ok
14:52:19.0015 0x1738  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:52:19.0025 0x1738  usbuhci - ok
14:52:19.0075 0x1738  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:52:19.0085 0x1738  usbvideo - ok
14:52:19.0105 0x1738  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:52:19.0125 0x1738  UxSms - ok
14:52:19.0140 0x1738  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc        C:\Windows\system32\lsass.exe
14:52:19.0145 0x1738  VaultSvc - ok
14:52:19.0185 0x1738  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:52:19.0190 0x1738  vdrvroot - ok
14:52:19.0215 0x1738  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:52:19.0245 0x1738  vds - ok
14:52:19.0255 0x1738  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:52:19.0265 0x1738  vga - ok
14:52:19.0275 0x1738  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:52:19.0300 0x1738  VgaSave - ok
14:52:19.0300 0x1738  VGPU - ok
14:52:19.0315 0x1738  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:52:19.0325 0x1738  vhdmp - ok
14:52:19.0355 0x1738  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:52:19.0360 0x1738  viaide - ok
14:52:19.0455 0x1738  [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService  F:\Programme\VMware\vmware-authd.exe
14:52:19.0460 0x1738  VMAuthdService - ok
14:52:19.0505 0x1738  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:52:19.0513 0x1738  vmbus - ok
14:52:19.0524 0x1738  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:52:19.0529 0x1738  VMBusHID - ok
14:52:19.0549 0x1738  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
14:52:19.0554 0x1738  vmci - ok
14:52:19.0588 0x1738  [ 4F19996D0765835797EC7B5F35D12240, FD4D222A373C3DF2B9FC7877C0EC050BF71A6C700FB52984E44FD25E49755A11 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
14:52:19.0593 0x1738  vmkbd - ok
14:52:19.0603 0x1738  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:52:19.0609 0x1738  VMnetAdapter - ok
14:52:19.0639 0x1738  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:52:19.0648 0x1738  VMnetBridge - ok
14:52:19.0650 0x1738  VMnetDHCP - ok
14:52:19.0665 0x1738  [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
14:52:19.0672 0x1738  VMnetuserif - ok
14:52:19.0702 0x1738  [ 5E6B64631689382413131EF2E959E35D, 2C7CC2735B60CD05854AB19418BB637105A4D5FA114F56EDC40D82B8B430F107 ] vmusb           C:\Windows\system32\DRIVERS\vmusb.sys
14:52:19.0709 0x1738  vmusb - ok
14:52:19.0761 0x1738  [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
14:52:19.0781 0x1738  VMUSBArbService - ok
14:52:19.0781 0x1738  VMware NAT Service - ok
14:52:19.0802 0x1738  [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
14:52:19.0812 0x1738  vmx86 - ok
14:52:19.0822 0x1738  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:52:19.0832 0x1738  volmgr - ok
14:52:19.0867 0x1738  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:52:19.0882 0x1738  volmgrx - ok
14:52:19.0897 0x1738  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:52:19.0907 0x1738  volsnap - ok
14:52:19.0933 0x1738  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:52:19.0943 0x1738  vsmraid - ok
14:52:19.0954 0x1738  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
14:52:19.0959 0x1738  vsock - ok
14:52:20.0004 0x1738  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:52:20.0049 0x1738  VSS - ok
14:52:20.0174 0x1738  [ 6BFD538788E468AE314173C6E7C0E7AC, 7C4D7C4E96AFDEE5E3F698486B03291AC75428AA4B4120FD7412EAA3398BB4CD ] vToolbarUpdater3.5.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
14:52:20.0204 0x1738  vToolbarUpdater3.5.0 - ok
14:52:20.0224 0x1738  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:52:20.0234 0x1738  vwifibus - ok
14:52:20.0239 0x1738  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:52:20.0249 0x1738  vwififlt - ok
14:52:20.0259 0x1738  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:52:20.0269 0x1738  vwifimp - ok
14:52:20.0304 0x1738  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:52:20.0334 0x1738  W32Time - ok
14:52:20.0399 0x1738  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
14:52:20.0414 0x1738  W3SVC - ok
14:52:20.0434 0x1738  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:52:20.0439 0x1738  WacomPen - ok
14:52:20.0463 0x1738  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:52:20.0483 0x1738  WANARP - ok
14:52:20.0493 0x1738  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:52:20.0518 0x1738  Wanarpv6 - ok
14:52:20.0553 0x1738  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
14:52:20.0568 0x1738  WAS - ok
14:52:20.0642 0x1738  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:52:20.0669 0x1738  WatAdminSvc - ok
14:52:20.0726 0x1738  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:52:20.0761 0x1738  wbengine - ok
14:52:20.0771 0x1738  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:52:20.0786 0x1738  WbioSrvc - ok
14:52:20.0806 0x1738  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:52:20.0821 0x1738  wcncsvc - ok
14:52:20.0836 0x1738  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:52:20.0846 0x1738  WcsPlugInService - ok
14:52:20.0871 0x1738  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:52:20.0876 0x1738  Wd - ok
14:52:21.0039 0x1738  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:52:21.0058 0x1738  Wdf01000 - ok
14:52:21.0084 0x1738  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:52:21.0094 0x1738  WdiServiceHost - ok
14:52:21.0097 0x1738  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:52:21.0106 0x1738  WdiSystemHost - ok
14:52:21.0130 0x1738  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
14:52:21.0142 0x1738  WebClient - ok
14:52:21.0143 0x1228  Object send P2P result: true
14:52:21.0145 0x1228  Object required for P2P: [ A9FE27CA00E66C455520E8B75883B630 ] nvsvc
14:52:21.0168 0x1738  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:52:21.0198 0x1738  Wecsvc - ok
14:52:21.0213 0x1738  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:52:21.0233 0x1738  wercplsupport - ok
14:52:21.0263 0x1738  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:52:21.0288 0x1738  WerSvc - ok
14:52:21.0318 0x1738  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:52:21.0343 0x1738  WfpLwf - ok
14:52:21.0353 0x1738  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:52:21.0358 0x1738  WIMMount - ok
14:52:21.0378 0x1738  WinDefend - ok
14:52:21.0383 0x1738  WinHttpAutoProxySvc - ok
14:52:21.0443 0x1738  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:52:21.0468 0x1738  Winmgmt - ok
14:52:21.0523 0x1738  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:52:21.0563 0x1738  WinRM - ok
14:52:21.0598 0x1738  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:52:21.0608 0x1738  WinUsb - ok
14:52:21.0651 0x1738  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:52:21.0673 0x1738  Wlansvc - ok
14:52:21.0708 0x1738  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
14:52:21.0718 0x1738  WmiAcpi - ok
14:52:21.0747 0x1738  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:52:21.0760 0x1738  wmiApSrv - ok
14:52:21.0795 0x1738  WMPNetworkSvc - ok
14:52:21.0813 0x1738  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:52:21.0822 0x1738  WPCSvc - ok
14:52:21.0837 0x1738  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:52:21.0848 0x1738  WPDBusEnum - ok
14:52:21.0873 0x1738  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:52:21.0895 0x1738  ws2ifsl - ok
14:52:21.0911 0x1738  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:52:21.0925 0x1738  wscsvc - ok
14:52:21.0970 0x1738  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:52:21.0980 0x1738  WSDPrintDevice - ok
14:52:22.0005 0x1738  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
14:52:22.0013 0x1738  WSDScan - ok
14:52:22.0016 0x1738  WSearch - ok
14:52:22.0109 0x1738  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:52:22.0161 0x1738  wuauserv - ok
14:52:22.0185 0x1738  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:52:22.0193 0x1738  WudfPf - ok
14:52:22.0219 0x1738  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:52:22.0231 0x1738  WUDFRd - ok
14:52:22.0253 0x1738  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:52:22.0274 0x1738  wudfsvc - ok
14:52:22.0305 0x1738  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:52:22.0316 0x1738  WwanSvc - ok
14:52:22.0353 0x1738  ================ Scan global ===============================
14:52:22.0377 0x1738  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:52:22.0410 0x1738  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:52:22.0419 0x1738  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:52:22.0449 0x1738  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:52:22.0486 0x1738  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:52:22.0491 0x1738  [ Global ] - ok
14:52:22.0492 0x1738  ================ Scan MBR ==================================
14:52:22.0499 0x1738  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:52:23.0729 0x1228  Object send P2P result: true
14:52:26.0659 0x1738  \Device\Harddisk0\DR0 - ok
14:52:26.0659 0x1738  ================ Scan VBR ==================================
14:52:26.0660 0x1738  [ A705A0646D49F3C476282CEF4D3C1BC6 ] \Device\Harddisk0\DR0\Partition1
14:52:26.0712 0x1738  \Device\Harddisk0\DR0\Partition1 - ok
14:52:26.0727 0x1738  [ 90AC4E976B77ECBF5808B7EE69FEF4B1 ] \Device\Harddisk0\DR0\Partition2
14:52:26.0728 0x1738  \Device\Harddisk0\DR0\Partition2 - ok
14:52:26.0749 0x1738  [ 1D159B527AE398EA5CF10F7CF7FF6A8C ] \Device\Harddisk0\DR0\Partition3
14:52:26.0750 0x1738  \Device\Harddisk0\DR0\Partition3 - ok
14:52:26.0751 0x1738  ================ Scan generic autorun ======================
14:52:26.0783 0x1738  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:52:26.0794 0x1738  ShadowPlay - ok
14:52:27.0112 0x1738  [ E05849E5D0E51EB52080E7D2987B9D3B, E68E43CF0FFD69C193C5B692A019CE13D3FB58197E5827720B3ACDDE0812AAFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:52:27.0311 0x1738  RTHDVCPL - ok
14:52:27.0406 0x1738  [ F4CD6DA32F5FA8DF305C22A444DD7B5D, E8978FDB71597A4501429787E4729555C47292BD40AFDA2487C6D88DFDBD806C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:52:27.0451 0x1738  NvBackend - ok
14:52:27.0647 0x1738  [ D56A00F9BA547A10EB8F827DC2243E4B, AA41F0CC4D32134939637F38A87FF2302F219073CE5D605CDED6433F6E7BC995 ] F:\Programme\NetWorx\networx.exe
14:52:27.0827 0x1738  NetWorx - ok
14:52:27.0832 0x1738  MsmqIntCert - ok
14:52:27.0997 0x1738  [ FAE0703D9079B34BAA27202AFB06CBA8, D9D4AACBBDB1C8DD7CA34D8F0278C7B72713FE5213576CAD37BCE3FDBCF1B470 ] C:\Program Files (x86)\AVG\AVG2014\avgui.exe
14:52:28.0127 0x1738  AVG_UI - ok
14:52:28.0222 0x1738  [ BCAEE3BE2AA87180E00279BC7689A9F2, 5D244F29E992A8776C60A89C2F5F46D757A3A89338AEC17AF6B9B1FD2873BE5F ] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
14:52:28.0302 0x1738  vProt - ok
14:52:28.0353 0x1738  [ 059B8158C08C82C78DC6A8153A2467A4, 8E88DBC785CF679D238DC5CCBF0C79B03B30F742CF0FC6427AD0AD2AD5943169 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:52:28.0363 0x1738  SunJavaUpdateSched - ok
14:52:28.0443 0x1738  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0523 0x1738  Sidebar - ok
14:52:28.0543 0x1738  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0553 0x1738  mctadmin - ok
14:52:28.0573 0x1738  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0598 0x1738  Sidebar - ok
14:52:28.0603 0x1738  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0613 0x1738  mctadmin - ok
14:52:28.0673 0x1738  [ F25E2808F14C90D05B0363E59C016943, 94107D947061930DFD27A207FA33D365E376441777D740916A967C575BEDC4D9 ] C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
14:52:28.0683 0x1738  appnhost - ok
14:52:28.0743 0x1738  [ E4DDD0E18D73C3333F141937281805DB, E021B04F9244F734BE29D766A243E0681D4ED003E75952A5EEEF24C961B214D6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
14:52:28.0783 0x1738  GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 - ok
14:52:28.0818 0x1738  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0843 0x1738  Sidebar - ok
14:52:28.0853 0x1738  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0863 0x1738  mctadmin - ok
14:52:28.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:29.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:30.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:31.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:32.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:33.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:34.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:35.0863 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:36.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:37.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:38.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:39.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:40.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:41.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:42.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:43.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:44.0864 0x1738  Waiting for KSN requests completion. In queue: 141
14:52:45.0864 0x1738  Waiting for KSN requests completion. In queue: 15
14:52:46.0864 0x1738  Waiting for KSN requests completion. In queue: 15
14:52:47.0864 0x1738  Waiting for KSN requests completion. In queue: 15
14:52:48.0864 0x1738  Waiting for KSN requests completion. In queue: 15
14:52:49.0943 0x1738  AV detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4855 ), 0x41000 ( enabled : updated )
14:52:49.0944 0x1738  FW detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4855 ), 0x41010 ( enabled )
14:52:53.0176 0x1738  ============================================================
14:52:53.0176 0x1738  Scan finished
14:52:53.0176 0x1738  ============================================================
14:52:53.0182 0x10f8  Detected object count: 2
14:52:53.0182 0x10f8  Actual detected object count: 2
14:53:26.0465 0x10f8  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
14:53:26.0465 0x10f8  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:53:26.0465 0x10f8  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
14:53:26.0465 0x10f8  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:54:46.0342 0x2268  Deinitialize success
         

Alt 30.05.2016, 14:40   #5
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Servus,




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 30.05.2016, 15:21   #6
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Zu Schritt 1

Habe die checkbox beim ersten Mal ausversehen abgewählt, deswegen 2 logs.

Code:
ATTFilter
# AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 16:05:36
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (X64)
# Benutzername : Lennart - LENNART-PC
# Gestartet von : C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[x] Dienst Nicht gelöscht : vToolbarUpdater3.5.0

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\AVG Secure Search
[-] Ordner gelöscht : C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht : C:\ProgramData\WindowsMangerProtect
[-] Ordner gelöscht : C:\ProgramData\avg web tuneup
[-] Ordner gelöscht : C:\ProgramData\13773405251871534736
[-] Ordner gelöscht : C:\ProgramData\{c3da3271-ec2c-8953-c3da-a3271ec2c9c7}
[-] Ordner gelöscht : C:\Program Files (x86)\avg web tuneup
[-] Ordner gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\AVG SafeGuard toolbar
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\FileViewPro
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\avg web tuneup
[-] Ordner gelöscht : C:\Users\Lennart\AppData\LocalLow\avg web tuneup
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Roaming\sweet-page

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel gelöscht : HKCU\Software\InstallCore
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Schlüssel gelöscht : HKLM\SOFTWARE\sweet-pageSoftware
[-] Schlüssel gelöscht : HKLM\SOFTWARE\torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\AVG Tuneup
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\OCS
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.uninstallmaster.com
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm

***** [ Internetbrowser ] *****

[-] [C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : mysearch.avg.com

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7123 Bytes] - [30/05/2016 16:05:36]
C:\AdwCleaner\AdwCleaner[R0].txt - [11953 Bytes] - [09/05/2014 23:53:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [9193 Bytes] - [09/05/2014 23:54:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [8819 Bytes] - [30/05/2016 16:04:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7416 Bytes] ##########
         
Code:
ATTFilter
# AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 16:13:38
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (X64)
# Benutzername : Lennart - LENNART-PC
# Gestartet von : C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : vToolbarUpdater3.5.0

***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7511 Bytes] - [30/05/2016 16:05:36]
C:\AdwCleaner\AdwCleaner[C2].txt - [1041 Bytes] - [30/05/2016 16:13:38]
C:\AdwCleaner\AdwCleaner[R0].txt - [11953 Bytes] - [09/05/2014 23:53:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [9193 Bytes] - [09/05/2014 23:54:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [8819 Bytes] - [30/05/2016 16:04:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [1184 Bytes] - [30/05/2016 16:10:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1407 Bytes] ##########
         

Alt 30.05.2016, 15:25   #7
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Servus,



gut gemacht.

Dann weiter mit den anderen Schritten.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 30.05.2016, 16:01   #8
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



mbam

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.05.2016
Suchlaufzeit: 16:24
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.30.05
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Lennart

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 339736
Abgelaufene Zeit: 17 Min., 14 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 19
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c8452eaeb8e1b77fad7d1245bf452dd3]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.OpenCandy, C:\Users\Lennart\AppData\Local\Temp\HYDBA10.tmp.1447707832\HTA\3rdparty\OCComSDK.dll, In Quarantäne, [b55895475445ce687b2dfc43e02442be], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Enterprise x64 
Ran by Lennart (Administrator) on 30.05.2016 at 16:51:14,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 19 

Successfully deleted: C:\Users\Lennart\AppData\Local\ggempire (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Google Update (Task)
Successfully deleted: C:\Program Files (x86)\GUT1F15.tmp (File) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30XF9ZYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QQ5WTN1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYWM6030 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8OS6M42 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30XF9ZYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QQ5WTN1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYWM6030 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8OS6M42 (Temporary Internet Files Folder) 

Deleted the following from C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.05.2016 at 16:55:39,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 16:58:50)
Gestartet von C:\Users\Lennart\Desktop
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-30]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 16:55 - 2016-05-30 16:55 - 00003718 _____ C:\Users\Lennart\Desktop\JRT.txt
2016-05-30 16:50 - 2016-05-30 16:50 - 01610816 _____ (Malwarebytes) C:\Users\Lennart\Desktop\JRT.exe
2016-05-30 16:50 - 2016-05-30 16:50 - 00004313 _____ C:\Users\Lennart\Desktop\mbamlog.txt
2016-05-30 16:23 - 2016-05-30 16:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-30 16:22 - 2016-05-30 16:22 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-30 16:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-30 16:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-30 16:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-30 16:21 - 2016-05-30 16:21 - 22851472 _____ (Malwarebytes ) C:\Users\Lennart\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-30 15:59 - 2016-05-30 15:59 - 03678272 _____ C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
2016-05-30 14:49 - 2016-05-30 14:54 - 00235108 _____ C:\TDSSKiller.3.1.0.9_30.05.2016_14.49.28_log.txt
2016-05-30 14:49 - 2016-05-30 14:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Lennart\Desktop\tdsskiller.exe
2016-05-30 14:46 - 2016-05-30 14:48 - 00050441 _____ C:\Users\Lennart\Desktop\Addition.txt
2016-05-30 14:44 - 2016-05-30 16:59 - 00023411 _____ C:\Users\Lennart\Desktop\FRST.txt
2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe
2016-05-29 15:55 - 2016-05-30 16:58 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-30 16:46 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 16:50 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-30 16:50 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-30 16:50 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-30 16:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-30 16:46 - 2015-09-04 20:56 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-30 16:46 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-30 16:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-30 16:44 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 16:44 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-30 16:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 16:43 - 2010-11-21 08:28 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 16:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-30 16:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 16:13 - 2014-05-09 23:53 - 00000000 ____D C:\AdwCleaner
2016-05-30 16:00 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-30 15:27 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-30 15:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\libeay32.dll
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\msvcr120.dll
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\sqlite3.dll
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 12:13

==================== Ende von FRST.txt ============================
         
Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-30 16:59:21)
Gestartet von C:\Users\Lennart\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG Internet Security 2014 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version:  - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 17:33 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt
29-05-2016 21:12:04 Geplanter Prüfpunkt
30-05-2016 16:51:22 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/30/2016 04:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/30/2016 04:44:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 04:44:06 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/30/2016 04:29:03 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/30/2016 04:19:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 04:17:56 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/30/2016 04:08:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 04:07:21 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (05/30/2016 03:16:10 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005

Error: (05/30/2016 02:51:05 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005


Systemfehler:
=============
Error: (05/30/2016 04:54:57 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/30/2016 04:51:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2016 04:49:38 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 04:48:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (05/30/2016 04:48:20 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 04:47:38 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 04:46:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2016 04:45:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/30/2016 04:44:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/30/2016 04:44:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 4791.8 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12408.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:230 GB) (Free:152.98 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 31.05.2016, 20:09   #9
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Servus,





Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :regfind
    OpenCandy
    AVG Secure Search
    AVG Security Toolbar
    WindowsMangerProtect
    avg web tuneup
    AVG SafeGuard toolbar
    sweet-page
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 01.06.2016, 19:06   #10
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 19:57 on 01/06/2016 by Lennart
Administrator - Elevation successful

========== regfind ==========

Searching for "OpenCandy"
No data found.

Searching for "AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]
"AppPath"="C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.5.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"FFNativeApi"="C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\3.5.0\\NativeBrowserApi.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\DSP]
"DISPLAY_NAME"="AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\HOSTS]
"3"="AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]
"AppPath"="C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.5.0"

Searching for "AVG Security Toolbar"
No data found.

Searching for "WindowsMangerProtect"
No data found.

Searching for "avg web tuneup"
[HKEY_CURRENT_USER\Software\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"ToolbarPath"="C:\Program Files (x86)\AVG Web TuneUp\3.5.0.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"Uninstall"="C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"TBAPIPath"="C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\CONFIGXML]
"Installation/DSP/DisplayName"="AVG Web TuneUp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\General]
"PARTNER_NAME"="AVG Web TuneUp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"UninstallString"="C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"DisplayIcon"="C:\Program Files (x86)\AVG Web TuneUp\favicon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"DisplayName"="AVG Web TuneUp"
[HKEY_USERS\.DEFAULT\Software\AVG Web TuneUp]
[HKEY_USERS\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\AVG Web TuneUp]
[HKEY_USERS\S-1-5-18\Software\AVG Web TuneUp]

Searching for "AVG SafeGuard toolbar"
[HKEY_USERS\.DEFAULT\Software\AVG SafeGuard toolbar]
[HKEY_USERS\S-1-5-18\Software\AVG SafeGuard toolbar]

Searching for "sweet-page"
[HKEY_CURRENT_USER\Software\AVG Web TuneUp\IE]
"Revert_HP"="hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960"
[HKEY_USERS\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\AVG Web TuneUp\IE]
"Revert_HP"="hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960"

Searching for "         "
[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\WIA\Devices\MG6400 series]
"ProductId"="MG6400          "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{03A0E6DA-8AC2-4F24-9346-45736C55FC8D}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{78D8CC82-372F-44e4-B70C-8944DB7BCC24}">
                <Descriptor descriptorID="{ABE23B46-7F9F-495b-B4A9-87F41743727F}"/>
                <Descriptor descriptorID="{4BDB9E0D-53CF-4a28-865F-B315818E7627}"/>
            </Rating>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{E2681CD6-318A-4935-8275-AF657045C333}">
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{5B39D1B8-ED49-4055-8A47-04B29A579AD6}" ratingID="{60665875-9C7B-4104-8124-C2094BA9A48B}">
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{67463BDA-4620-455B-AEE5-17986581DB0C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
                <Descriptor descriptorID="{1A796A5D-1E25-4862-9443-1550578FF4C4}"/>
                <Descriptor descriptorID="{F8635B3A-C121-480a-9090-31DAA90490D0}"/>
                <Descriptor descriptorID="{E04AAEE8-950C-43c4-B75C-D87736A7FAFD}"/>
            </Rating>
            <Rating ratingSystemID="{1943DF5C-C7D6-44CA-90F1-41181F5CCA0A}" ratingID="{D56B59B2-673E-4039-9155-93BA25030FE5}"/>
            <Rating ratingSystemID="{03CF34A3-D6AA-49CF-8C6C-547ECC507CCF}" ratingID="{D15D23D5-3055-49D2-AD15-4EAFB31FD6E8}"/>
            <Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{36A7E8F4-F659-4B10-9256-A97F2EDCE2F2}"/>
            <Rating ratingSystemID="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="2.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>                     </Resource>                 </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="2.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                                
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN         "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN         "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer          "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN         "

-= EOF =-
         

Alt 02.06.2016, 13:51   #11
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
DeleteKey: HKEY_CURRENT_USER\Software\AVG Web TuneUp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp
DeleteKey: HKEY_USERS\.DEFAULT\Software\AVG Web TuneUp
DeleteKey: HKEY_USERS\.DEFAULT\Software\AVG SafeGuard toolbar
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 02.06.2016, 14:33   #12
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Hallo Matthias,

ich wollte dir nur kurz bescheid geben, dass ich nicht weiß, ob ich es in den nächsten 24h schaffe die Schritte durchzuführen und zu antworten. Ich werde es morgen machen, sobald es mir möglich ist.

Alt 02.06.2016, 18:06   #13
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Ok, danke für die Info.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 04.06.2016, 19:44   #14
Pechvogell
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Entschuldige bitte, dass ich erst jetzt antworte, ich habe es nicht früher geschafft. Den ersten Schritt habe ich schon erledigt. Der zweite läuft seit fast 2h und ist bei 42% aber ich wollte mich schon mal melden, nicht dass du denkst von mir kommt nichts mehr.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 16:58:50)
Gestartet von C:\Users\Lennart\Desktop
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-30]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 16:55 - 2016-05-30 16:55 - 00003718 _____ C:\Users\Lennart\Desktop\JRT.txt
2016-05-30 16:50 - 2016-05-30 16:50 - 01610816 _____ (Malwarebytes) C:\Users\Lennart\Desktop\JRT.exe
2016-05-30 16:50 - 2016-05-30 16:50 - 00004313 _____ C:\Users\Lennart\Desktop\mbamlog.txt
2016-05-30 16:23 - 2016-05-30 16:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-30 16:22 - 2016-05-30 16:22 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-30 16:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-30 16:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-30 16:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-30 16:21 - 2016-05-30 16:21 - 22851472 _____ (Malwarebytes ) C:\Users\Lennart\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-30 15:59 - 2016-05-30 15:59 - 03678272 _____ C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
2016-05-30 14:49 - 2016-05-30 14:54 - 00235108 _____ C:\TDSSKiller.3.1.0.9_30.05.2016_14.49.28_log.txt
2016-05-30 14:49 - 2016-05-30 14:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Lennart\Desktop\tdsskiller.exe
2016-05-30 14:46 - 2016-05-30 14:48 - 00050441 _____ C:\Users\Lennart\Desktop\Addition.txt
2016-05-30 14:44 - 2016-05-30 16:59 - 00023411 _____ C:\Users\Lennart\Desktop\FRST.txt
2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe
2016-05-29 15:55 - 2016-05-30 16:58 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-30 16:46 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 16:50 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-30 16:50 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-30 16:50 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-30 16:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-30 16:46 - 2015-09-04 20:56 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-30 16:46 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-30 16:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-30 16:44 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 16:44 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-30 16:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 16:43 - 2010-11-21 08:28 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 16:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-30 16:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 16:13 - 2014-05-09 23:53 - 00000000 ____D C:\AdwCleaner
2016-05-30 16:00 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-30 15:27 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-30 15:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\libeay32.dll
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\msvcr120.dll
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\sqlite3.dll
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 12:13

==================== Ende von FRST.txt ============================
         

Alt 04.06.2016, 20:29   #15
M-K-D-B
/// TB-Ausbilder
 
Spacekace Ordner im Laufwerk C: entdeckt - Standard

Spacekace Ordner im Laufwerk C: entdeckt



Servus,


Schritt 1 ist ein FRST-Fix, du hast da wohl etwas verwechselt.

Nochmal genau lesen und richtig ausführen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Spacekace Ordner im Laufwerk C: entdeckt
.dll, administrator, avg, defender, desktop, dnsapi.dll, explorer, firewall, flash player, helper, mozilla, nvidia, prozesse, realtek, registry, rundll, scan, secure search, services.exe, software, spacekace, stick, svchost.exe, system, temp, udp, uplay, visual c++ 2015, windows, winlogon.exe



Ähnliche Themen: Spacekace Ordner im Laufwerk C: entdeckt


  1. Ordner Spacekace in C: gefunden - was kann ich tun?
    Log-Analyse und Auswertung - 02.05.2016 (11)
  2. Spacekace-Ordner auf meinem PC entdeckt
    Log-Analyse und Auswertung - 04.04.2016 (1)
  3. Spacekace-Ordner
    Plagegeister aller Art und deren Bekämpfung - 10.03.2016 (3)
  4. Spacekace Ordner gefunden
    Lob, Kritik und Wünsche - 15.02.2016 (1)
  5. Spacekace Ordner gefunden
    Plagegeister aller Art und deren Bekämpfung - 14.02.2016 (20)
  6. Spacekace Ordner auf C: gefunden
    Plagegeister aller Art und deren Bekämpfung - 07.01.2016 (7)
  7. Ordner Spacekace auf Laufwerk C
    Plagegeister aller Art und deren Bekämpfung - 02.10.2015 (23)
  8. Spacekace Ordner -was ist das
    Plagegeister aller Art und deren Bekämpfung - 05.09.2015 (11)
  9. Ordner spacekace auf C - Was soll ich tun?
    Plagegeister aller Art und deren Bekämpfung - 20.08.2015 (8)
  10. Ordner Namens SpaceKace auf festplatte C:
    Plagegeister aller Art und deren Bekämpfung - 03.08.2015 (3)
  11. Spacekace Ordner auf Festplatte C gefunden... Virus?
    Plagegeister aller Art und deren Bekämpfung - 30.07.2015 (9)
  12. Win 7/8.1 [Spacekace Ordner aufgetaucht]
    Log-Analyse und Auswertung - 08.07.2015 (24)
  13. Win 7, neuer Ordner Spacekace
    Log-Analyse und Auswertung - 22.06.2015 (16)
  14. Ordner Spacekace mit deliverysystem-log in Laufwerk C / wo kommt der her? Trojaner? Maleware?
    Plagegeister aller Art und deren Bekämpfung - 10.02.2015 (11)
  15. Ordner Spacekace in Laufwerk C
    Log-Analyse und Auswertung - 31.01.2015 (20)
  16. Ordner Spacekace in Laufwerk C
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (8)
  17. Ordner Spacekace in Laufwerk C. Gefährlich?
    Plagegeister aller Art und deren Bekämpfung - 08.09.2014 (13)

Zum Thema Spacekace Ordner im Laufwerk C: entdeckt - Hallo, ich habe heute durch Zufall den Ordner "Spacekace" im meinem Laufwerk C: entdeckt. Ich habe etwas gegooglet und bin auf dieses Forum gestoßen. Bin selbst aber Laie und weiß - Spacekace Ordner im Laufwerk C: entdeckt...
Archiv
Du betrachtest: Spacekace Ordner im Laufwerk C: entdeckt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.