| |
| |||||||
Log-Analyse und Auswertung: Spacekace Ordner im Laufwerk C: entdecktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.05.2016, 15:03
| #1 |
 |  Spacekace Ordner im Laufwerk C: entdeckt Hallo, ich habe heute durch Zufall den Ordner "Spacekace" im meinem Laufwerk C: entdeckt. Ich habe etwas gegooglet und bin auf dieses Forum gestoßen. Bin selbst aber Laie und weiß nicht, wie ich den Ordner am Besten wieder los werde. Ich habe bis jetzt aber keine ungewöhnlichen Dinge feststellen können. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (29-05-2016 15:55:41)
Gestartet von F:\Downloads
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect Research) F:\Programme\NetWorx\networx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mixesoft Project) C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(Dassault Systèmes SolidWorks Corp.) F:\Uni\Solidworks\SOLIDWORKS\sldworks_fs.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2569104 2016-01-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2016-01-02] (AVG Secure Search)
FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.5.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe
Chrome:
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-24]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
S2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 vToolbarUpdater3.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2016-01-02] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-29 15:55 - 2016-05-29 15:55 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003850 _____ C:\Windows\System32\Tasks\Google Update
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-28 19:42 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-29 15:47 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-29 15:47 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-29 15:44 - 2015-09-04 20:56 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-29 15:44 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-29 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-29 15:42 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-29 15:41 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-29 15:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-29 00:21 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-29 00:21 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-29 00:21 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-29 00:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-28 23:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-28 23:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-28 19:55 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-23 00:25 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-23 00:25 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-23 00:25 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-23 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-21 23:03 - 2014-10-21 23:03 - 6000640 _____ () C:\Program Files (x86)\GUT1F15.tmp
2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-28 19:42 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-28 12:13
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-29 15:56:20)
Gestartet von F:\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gauntlet™ (HKLM-x32\...\Steam App 258970) (Version: - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {BBD65F62-EC8D-4BF5-AA8B-E1B29F832850} - System32\Tasks\Google Update => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 16:21 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-11-27 20:41 - 2014-06-06 16:41 - 00718336 _____ () F:\Programme\NetWorx\sqlite.dll
2015-11-11 13:05 - 2015-11-11 13:05 - 00268280 _____ () F:\Uni\Solidworks\SOLIDWORKS\sldBodyDiffu.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
2014-08-29 17:54 - 2016-01-02 23:21 - 02569104 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2014-05-03 16:16 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2016-01-29 22:26 - 2016-01-23 04:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\log4cplusU.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
10-05-2016 23:48:12 Windows Update
11-05-2016 15:01:15 Windows Update
12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/29/2016 03:54:25 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/29/2016 03:42:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/29/2016 03:41:14 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/28/2016 11:54:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 10:54:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 10:29:46 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 09:54:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 08:54:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 08:29:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/28/2016 08:20:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (05/29/2016 03:55:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2016 03:54:25 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (05/29/2016 03:53:46 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2016 03:49:24 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (05/29/2016 03:46:53 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2016 03:46:31 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/29/2016 03:45:41 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2016 03:45:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2016 03:44:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/29/2016 03:44:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 4800.8 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12791.57 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:230 GB) (Free:150.8 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.05.2016, 13:30
| #2 | |
| /// TB-Ausbilder   | Spacekace Ordner im Laufwerk C: entdeckt Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
30.05.2016, 14:00
| #3 |
| | Spacekace Ordner im Laufwerk C: entdeckt Hallo Matthias, vielen Dank für Deine Hilfe. Hier die gewünschten Logdateien
__________________Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-30 14:46:41)
Gestartet von C:\Users\Lennart\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gauntlet™ (HKLM-x32\...\Steam App 258970) (Version: - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {BBD65F62-EC8D-4BF5-AA8B-E1B29F832850} - System32\Tasks\Google Update => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 16:21 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-03 17:33 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-11-27 20:41 - 2014-06-06 16:41 - 00718336 _____ () F:\Programme\NetWorx\sqlite.dll
2015-11-11 13:05 - 2015-11-11 13:05 - 00268280 _____ () F:\Uni\Solidworks\SOLIDWORKS\sldBodyDiffu.dll
2014-08-29 17:54 - 2016-01-02 23:21 - 02569104 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
2014-09-23 00:05 - 2014-09-23 00:05 - 00121875 _____ () F:\Programme\VLC\libvlc.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 02525203 _____ () F:\Programme\VLC\libvlccore.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00079379 _____ () F:\Programme\VLC\libgcc_s_seh-1.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00145427 _____ () F:\Programme\VLC\plugins\access\libdshow_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00980499 _____ () F:\Programme\VLC\libstdc++-6.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00031251 _____ () F:\Programme\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00034323 _____ () F:\Programme\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00070675 _____ () F:\Programme\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 02380307 _____ () F:\Programme\VLC\plugins\access\liblibbluray_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00107027 _____ () F:\Programme\VLC\plugins\access\libaccess_bd_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00264211 _____ () F:\Programme\VLC\plugins\access\libdvdnav_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00081427 _____ () F:\Programme\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00050707 _____ () F:\Programme\VLC\plugins\access\libfilesystem_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00064531 _____ () F:\Programme\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00609299 _____ () F:\Programme\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00151059 _____ () F:\Programme\VLC\plugins\stream_filter\libdash_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00125459 _____ () F:\Programme\VLC\plugins\access\libzip_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00044051 _____ () F:\Programme\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00017939 _____ () F:\Programme\VLC\plugins\stream_filter\librecord_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00140819 _____ () F:\Programme\VLC\plugins\demux\libplaylist_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00984083 _____ () F:\Programme\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00318995 _____ () F:\Programme\VLC\plugins\lua\liblua_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 01474067 _____ () F:\Programme\VLC\plugins\misc\libxml_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00190995 _____ () F:\Programme\VLC\plugins\demux\libmp4_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00058387 _____ () F:\Programme\VLC\plugins\control\libhotkeys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00092179 _____ () F:\Programme\VLC\plugins\demux\libavi_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00043027 _____ () F:\Programme\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00071699 _____ () F:\Programme\VLC\plugins\demux\libasf_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00081939 _____ () F:\Programme\VLC\plugins\demux\libflacsys_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00028691 _____ () F:\Programme\VLC\plugins\demux\libes_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 11667987 _____ () F:\Programme\VLC\plugins\gui\libqt4_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00085523 _____ () F:\Programme\VLC\plugins\demux\libmpc_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\demux\libtta_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00025619 _____ () F:\Programme\VLC\plugins\demux\libnuv_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00024595 _____ () F:\Programme\VLC\plugins\demux\libwav_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00428563 _____ () F:\Programme\VLC\plugins\demux\libsid_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00126995 _____ () F:\Programme\VLC\plugins\services_discovery\libsap_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00153107 _____ () F:\Programme\VLC\plugins\demux\libogg_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00731155 _____ () F:\Programme\VLC\plugins\demux\libmkv_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libdirac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00646675 _____ () F:\Programme\VLC\plugins\access\liblive555_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00023059 _____ () F:\Programme\VLC\plugins\demux\libsmf_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00021523 _____ () F:\Programme\VLC\plugins\demux\libpva_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libxa_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\demux\libaiff_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00021011 _____ () F:\Programme\VLC\plugins\demux\libvoc_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00018451 _____ () F:\Programme\VLC\plugins\demux\libau_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00374291 _____ () F:\Programme\VLC\plugins\demux\libgme_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00040979 _____ () F:\Programme\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00300563 _____ () F:\Programme\VLC\plugins\services_discovery\libupnp_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\services_discovery\libpodcast_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00021523 _____ () F:\Programme\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00018451 _____ () F:\Programme\VLC\plugins\services_discovery\libwindrive_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00124435 _____ () F:\Programme\VLC\plugins\access\libaccess_http_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00330771 _____ () F:\Programme\VLC\plugins\codec\libtheora_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019987 _____ () F:\Programme\VLC\plugins\codec\librawvideo_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00190995 _____ () F:\Programme\VLC\plugins\codec\libspeex_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00833043 _____ () F:\Programme\VLC\plugins\codec\libvorbis_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00019475 _____ () F:\Programme\VLC\plugins\codec\libaes3_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00025619 _____ () F:\Programme\VLC\plugins\codec\liblpcm_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00035859 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00024595 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00072723 _____ () F:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00341523 _____ () F:\Programme\VLC\plugins\codec\libpng_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00022035 _____ () F:\Programme\VLC\plugins\codec\libcdg_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 01526803 _____ () F:\Programme\VLC\plugins\codec\libschroedinger_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00023571 _____ () F:\Programme\VLC\plugins\codec\libdts_plugin.dll
2014-09-23 00:05 - 2014-09-23 00:05 - 00417811 _____ () F:\Programme\VLC\plugins\codec\libfaad_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00017427 _____ () F:\Programme\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 00022547 _____ () F:\Programme\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-09-23 00:06 - 2014-09-23 00:06 - 01506323 _____ () F:\Programme\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-05-03 16:16 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2016-01-29 22:26 - 2016-01-23 04:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-01-02 23:22 - 2016-01-02 23:21 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\log4cplusU.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt
29-05-2016 21:12:04 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/30/2016 02:38:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2016 02:36:15 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/30/2016 12:29:01 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/30/2016 12:03:55 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/29/2016 11:52:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/29/2016 11:51:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/29/2016 11:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/29/2016 10:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/29/2016 09:54:31 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/29/2016 09:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Systemfehler:
=============
Error: (05/30/2016 02:46:04 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (05/30/2016 02:45:34 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 02:44:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/30/2016 02:43:08 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/30/2016 02:42:45 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 02:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/30/2016 02:40:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Gatewaydienst auf Anwendungsebene erreicht.
Error: (05/30/2016 02:39:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/30/2016 02:37:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA GeForce Experience Service erreicht.
Error: (05/30/2016 02:36:25 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 3897.37 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12147.05 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:230 GB) (Free:153.74 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 14:44:00)
Gestartet von C:\Users\Lennart\Desktop
Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVM GmbH) F:\Programme\Fritz\PowerlineService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect Research) F:\Programme\NetWorx\networx.exe
(Mixesoft Project) C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dassault Systèmes SolidWorks Corp.) F:\Uni\Solidworks\SOLIDWORKS\sldworks_fs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(VMware, Inc.) F:\Programme\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(VideoLAN) F:\Programme\VLC\vlc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Ghisler Software GmbH) F:\Programme\totalcmd\TOTALCMD.EXE
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2569104 2016-01-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2016-01-02] (AVG Secure Search)
FireFox:
========
FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.5.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( )
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS)
FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22]
FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22]
FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11]
StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe
Chrome:
=======
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]
CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22]
CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-24]
CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09]
CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]
CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19]
CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04]
CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18]
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.)
R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert]
R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH)
R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 vToolbarUpdater3.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2016-01-02] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-30 14:44 - 2016-05-30 14:45 - 00027287 _____ C:\Users\Lennart\Desktop\FRST.txt
2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe
2016-05-29 15:55 - 2016-05-30 14:44 - 00000000 ____D C:\FRST
2016-05-22 17:22 - 2016-05-22 17:22 - 00003850 _____ C:\Windows\System32\Tasks\Google Update
2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog
2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss
2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml
2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls
2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn
2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle
2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
2016-05-14 20:13 - 2016-05-30 14:39 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi
2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA
2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-30 14:42 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData
2016-05-30 14:41 - 2015-09-04 20:56 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-30 14:40 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles
2016-05-30 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-30 14:38 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware
2016-05-30 14:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job
2016-05-30 14:36 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 14:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 01:27 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 01:27 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 01:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-30 00:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis
2016-05-29 00:21 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc
2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job
2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage
2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle
2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-23 00:25 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat
2016-05-23 00:25 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat
2016-05-23 00:25 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-23 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG
2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG
2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks
2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations
2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA
2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core
2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-21 23:03 - 2014-10-21 23:03 - 6000640 _____ () C:\Program Files (x86)\GUT1F15.tmp
2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav
2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini
2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml
2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C}
2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Lennart\AppData\Local\Temp\GURE23.exe
C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lennart\AppData\Local\Temp\uninstall.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-28 12:13
==================== Ende von FRST.txt ============================
|
|
30.05.2016, 14:02
| #4 |
| | Spacekace Ordner im Laufwerk C: entdeckt Die Logs waren zu lang für eine Nachricht, deswegen hier noch die TDSSKiller log. Code:
ATTFilter 14:49:28.0845 0x1bcc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:49:35.0707 0x1bcc ============================================================
14:49:35.0707 0x1bcc Current date / time: 2016/05/30 14:49:35.0707
14:49:35.0707 0x1bcc SystemInfo:
14:49:35.0707 0x1bcc
14:49:35.0707 0x1bcc OS Version: 6.1.7601 ServicePack: 1.0
14:49:35.0707 0x1bcc Product type: Workstation
14:49:35.0707 0x1bcc ComputerName: LENNART-PC
14:49:35.0707 0x1bcc UserName: Lennart
14:49:35.0707 0x1bcc Windows directory: C:\Windows
14:49:35.0707 0x1bcc System windows directory: C:\Windows
14:49:35.0707 0x1bcc Running under WOW64
14:49:35.0707 0x1bcc Processor architecture: Intel x64
14:49:35.0707 0x1bcc Number of processors: 8
14:49:35.0707 0x1bcc Page size: 0x1000
14:49:35.0707 0x1bcc Boot type: Normal boot
14:49:35.0707 0x1bcc ============================================================
14:49:38.0124 0x1bcc KLMD registered as C:\Windows\system32\drivers\39501581.sys
14:49:38.0906 0x1bcc System UUID: {8062337D-D6D3-01A1-62AC-43566FEF0ED9}
14:49:39.0237 0x1bcc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:39.0242 0x1bcc ============================================================
14:49:39.0242 0x1bcc \Device\Harddisk0\DR0:
14:49:39.0242 0x1bcc MBR partitions:
14:49:39.0242 0x1bcc \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x3B90F4
14:49:39.0242 0x1bcc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B9800, BlocksNum 0x1CC00000
14:49:39.0242 0x1bcc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CFB9800, BlocksNum 0x1D3CB800
14:49:39.0242 0x1bcc ============================================================
14:49:39.0272 0x1bcc C: <-> \Device\Harddisk0\DR0\Partition2
14:49:39.0316 0x1bcc F: <-> \Device\Harddisk0\DR0\Partition3
14:49:39.0316 0x1bcc ============================================================
14:49:39.0316 0x1bcc Initialize success
14:49:39.0316 0x1bcc ============================================================
14:51:11.0692 0x1738 ============================================================
14:51:11.0692 0x1738 Scan started
14:51:11.0692 0x1738 Mode: Manual; SigCheck; TDLFS;
14:51:11.0692 0x1738 ============================================================
14:51:11.0692 0x1738 KSN ping started
14:51:38.0198 0x1738 KSN ping finished: true
14:51:39.0593 0x1738 ================ Scan system memory ========================
14:51:39.0593 0x1738 System memory - ok
14:51:39.0593 0x1738 ================ Scan services =============================
14:51:39.0723 0x1738 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:51:39.0758 0x1738 1394ohci - ok
14:51:39.0798 0x1738 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:51:39.0808 0x1738 ACPI - ok
14:51:39.0823 0x1738 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:51:39.0848 0x1738 AcpiPmi - ok
14:51:39.0958 0x1738 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:51:39.0963 0x1738 AdobeARMservice - ok
14:51:40.0088 0x1738 [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:51:40.0098 0x1738 AdobeFlashPlayerUpdateSvc - ok
14:51:40.0143 0x1738 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:51:40.0153 0x1738 adp94xx - ok
14:51:40.0183 0x1738 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:51:40.0198 0x1738 adpahci - ok
14:51:40.0208 0x1738 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:51:40.0218 0x1738 adpu320 - ok
14:51:40.0258 0x1738 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:51:40.0263 0x1738 AeLookupSvc - ok
14:51:40.0313 0x1738 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
14:51:40.0328 0x1738 AFD - ok
14:51:40.0363 0x1738 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:51:40.0373 0x1738 agp440 - ok
14:51:40.0408 0x1738 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:51:40.0418 0x1738 ALG - ok
14:51:40.0448 0x1738 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:51:40.0453 0x1738 aliide - ok
14:51:40.0468 0x1738 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:51:40.0478 0x1738 amdide - ok
14:51:40.0513 0x1738 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:51:40.0523 0x1738 AmdK8 - ok
14:51:40.0538 0x1738 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:51:40.0548 0x1738 AmdPPM - ok
14:51:40.0583 0x1738 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:51:40.0588 0x1738 amdsata - ok
14:51:40.0623 0x1738 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:51:40.0633 0x1738 amdsbs - ok
14:51:40.0653 0x1738 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:51:40.0658 0x1738 amdxata - ok
14:51:40.0728 0x1738 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
14:51:40.0733 0x1738 AppHostSvc - ok
14:51:40.0783 0x1738 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys
14:51:40.0793 0x1738 AppID - ok
14:51:40.0818 0x1738 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:51:40.0823 0x1738 AppIDSvc - ok
14:51:40.0873 0x1738 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
14:51:40.0883 0x1738 Appinfo - ok
14:51:40.0923 0x1738 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
14:51:40.0948 0x1738 AppMgmt - ok
14:51:40.0988 0x1738 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
14:51:40.0993 0x1738 arc - ok
14:51:41.0068 0x1738 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:51:41.0078 0x1738 arcsas - ok
14:51:41.0183 0x1738 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:51:41.0208 0x1738 aspnet_state - ok
14:51:41.0243 0x1738 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:51:41.0263 0x1738 AsyncMac - ok
14:51:41.0288 0x1738 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:51:41.0298 0x1738 atapi - ok
14:51:41.0343 0x1738 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:51:41.0363 0x1738 AudioEndpointBuilder - ok
14:51:41.0388 0x1738 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:51:41.0403 0x1738 AudioSrv - ok
14:51:41.0433 0x1738 [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
14:51:41.0443 0x1738 Avgdiska - ok
14:51:41.0473 0x1738 [ CA10D51653068DB6A0ADEEDDC4946C47, 6E731B28C38ED2BA48CF4855EBBF8B548D45C8DB8ABD9521E5516227CA68072B ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
14:51:41.0483 0x1738 Avgfwfd - ok
14:51:41.0573 0x1738 [ 5D589ACCB1D1E03DC251FD34A6F1E0AA, 023502B77251F726CCBEAC96E922273B0B1D4304271326AC4DBAC5A202832C43 ] avgfws C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
14:51:41.0608 0x1738 avgfws - ok
14:51:41.0688 0x1738 [ 015F62C2F215D153DC2F403CA612328E, B77921AB0E37BBB872579A748A085AA28E150E182AFEC9058B5F7775D5F761E1 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
14:51:41.0743 0x1738 AVGIDSAgent - ok
14:51:41.0778 0x1738 [ E7E1A0AB30587BF3734A2EC66BBCE743, F2D662A2CC29B9B8C1D7AA3424CAAB18A78C60E9557D992EF14BC15DB1438B54 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:51:41.0788 0x1738 AVGIDSDriver - ok
14:51:41.0803 0x1738 [ 6805C3630FD401721200A9198553F09E, D81E5C126AFB9A51499C5794E9586175541D27B3A24FA24CDB5D1EFE43097FC6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
14:51:41.0813 0x1738 AVGIDSHA - ok
14:51:41.0853 0x1738 [ 5980222218A0773E2994E524E5BA2464, 56B39A8FFBB87B898D7206DE4BCD1E51D64A38588BFFD264CD75A2CAC19E911A ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
14:51:41.0863 0x1738 Avgldx64 - ok
14:51:41.0908 0x1738 [ C16CBC8EF6D8CC426F6C18D450A016A7, A8011DDBA41AAA3466280732D45119C410753E3E4EFDB6C62AFAF35C72B7D38E ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
14:51:41.0918 0x1738 Avgloga - ok
14:51:41.0948 0x1738 [ 3BEAEEFEFF30C99EA22D0F3942291433, C2FC7AAA298E4FEBD84F6438ACCC3F483486B74F40C7228128D31BB1BED9853A ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
14:51:41.0958 0x1738 Avgmfx64 - ok
14:51:41.0983 0x1738 [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
14:51:41.0988 0x1738 Avgrkx64 - ok
14:51:42.0008 0x1738 [ 0D9C55812B8F8FD8F073AC6C1AF2DFE6, A9880A6BB17E168330AD7C0FD6ABB4DA0D1FD7753A2EA31F2DBD015B0B84ED40 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
14:51:42.0023 0x1738 Avgtdia - ok
14:51:42.0068 0x1738 [ CE51A17F0F8CBC0A0EB20B4BA3A48937, D807C8615347BB1ED367AB903855EC46D2A3CF45385076AAEE3AAA9ABE4B2240 ] avgwd C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
14:51:42.0078 0x1738 avgwd - ok
14:51:42.0163 0x1738 [ F161CF8F628130B464E6A908723D488C, 95D40B679C132989B6031CC566235033400DA88006CF258F1CEFFB0D105E3B5B ] AVMPowerlineService F:\Programme\Fritz\PowerlineService.exe
14:51:42.0168 0x1738 AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 )
14:51:43.0784 0x085c Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
14:51:44.0694 0x1738 Detect skipped due to KSN trusted
14:51:44.0694 0x1738 AVMPowerlineService - ok
14:51:44.0779 0x1738 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:51:44.0794 0x1738 AxInstSV - ok
14:51:44.0839 0x1738 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:51:44.0854 0x1738 b06bdrv - ok
14:51:44.0879 0x1738 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:51:44.0889 0x1738 b57nd60a - ok
14:51:44.0904 0x1738 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:51:44.0914 0x1738 BDESVC - ok
14:51:44.0934 0x1738 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:51:44.0969 0x1738 Beep - ok
14:51:45.0024 0x1738 [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:51:45.0024 0x1738 BEService - detected UnsignedFile.Multi.Generic ( 1 )
14:51:46.0384 0x085c Object send P2P result: true
14:51:47.0564 0x1738 BEService ( UnsignedFile.Multi.Generic ) - warning
14:51:50.0471 0x1738 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:51:50.0491 0x1738 BFE - ok
14:51:50.0535 0x1738 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:51:50.0602 0x1738 BITS - ok
14:51:50.0632 0x1738 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:51:50.0637 0x1738 blbdrive - ok
14:51:50.0657 0x1738 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:51:50.0667 0x1738 bowser - ok
14:51:50.0687 0x1738 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:51:50.0697 0x1738 BrFiltLo - ok
14:51:50.0702 0x1738 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:51:50.0712 0x1738 BrFiltUp - ok
14:51:50.0757 0x1738 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:51:50.0767 0x1738 Browser - ok
14:51:50.0789 0x1738 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:51:50.0799 0x1738 Brserid - ok
14:51:50.0809 0x1738 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:51:50.0819 0x1738 BrSerWdm - ok
14:51:50.0839 0x1738 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:51:50.0849 0x1738 BrUsbMdm - ok
14:51:50.0869 0x1738 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:51:50.0878 0x1738 BrUsbSer - ok
14:51:51.0043 0x1738 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:51:51.0048 0x1738 BthEnum - ok
14:51:51.0073 0x1738 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:51:51.0088 0x1738 BTHMODEM - ok
14:51:51.0118 0x1738 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:51:51.0128 0x1738 BthPan - ok
14:51:51.0158 0x1738 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:51:51.0173 0x1738 BTHPORT - ok
14:51:51.0198 0x1738 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:51:51.0218 0x1738 bthserv - ok
14:51:51.0228 0x1738 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:51:51.0233 0x1738 BTHUSB - ok
14:51:51.0263 0x1738 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:51:51.0288 0x1738 cdfs - ok
14:51:51.0333 0x1738 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:51:51.0343 0x1738 cdrom - ok
14:51:51.0368 0x1738 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:51:51.0388 0x1738 CertPropSvc - ok
14:51:51.0463 0x1738 [ 8010F7A8C5CCD34120542DB3E0A37A14, F44922EEB9EDF527349BFC226B24AF1231EFE5BB1A6D4A4916B086CEB19092C1 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
14:51:51.0468 0x1738 chip1click - detected UnsignedFile.Multi.Generic ( 1 )
14:51:53.0959 0x1738 chip1click ( UnsignedFile.Multi.Generic ) - warning
14:51:56.0585 0x1738 [ 12DFF15C9BE0292E4B0A455BD7DEB021, 754A593782D638DCA7AA969138305FA3E5E8352882F15C5BAF958AFFA5BDF328 ] chromoting C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
14:51:56.0590 0x1738 chromoting - ok
14:51:56.0615 0x1738 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
14:51:56.0625 0x1738 circlass - ok
14:51:56.0675 0x1738 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
14:51:56.0685 0x1738 CLFS - ok
14:51:56.0735 0x1738 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:51:56.0775 0x1738 clr_optimization_v2.0.50727_32 - ok
14:51:56.0810 0x1738 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:51:56.0817 0x1738 clr_optimization_v2.0.50727_64 - ok
14:51:56.0897 0x1738 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:51:56.0922 0x1738 clr_optimization_v4.0.30319_32 - ok
14:51:56.0937 0x1738 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:51:56.0957 0x1738 clr_optimization_v4.0.30319_64 - ok
14:51:56.0982 0x1738 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:51:56.0987 0x1738 CmBatt - ok
14:51:57.0042 0x1738 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:51:57.0047 0x1738 cmdide - ok
14:51:57.0167 0x1738 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys
14:51:57.0182 0x1738 CNG - ok
14:51:57.0247 0x1738 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:51:57.0252 0x1738 Compbatt - ok
14:51:57.0292 0x1738 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:51:57.0302 0x1738 CompositeBus - ok
14:51:57.0322 0x1738 COMSysApp - ok
14:51:58.0515 0x1738 [ 4D6AED006B4EE831C391D617EA725391, 7AAD2A6ED75CCACE0D143BBDFCD6848D21DF3EF899129EDE1918EB1C93626BE8 ] CoordinatorServiceHost F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
14:51:58.0520 0x1738 CoordinatorServiceHost - ok
14:51:58.0685 0x1738 [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:51:58.0695 0x1738 cphs - ok
14:51:58.0755 0x1738 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:51:58.0765 0x1738 crcdisk - ok
14:51:58.0840 0x1738 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:51:58.0850 0x1738 CryptSvc - ok
14:51:58.0875 0x1738 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
14:51:58.0890 0x1738 CSC - ok
14:51:58.0925 0x1738 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
14:51:58.0940 0x1738 CscService - ok
14:51:58.0990 0x1738 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
14:51:59.0005 0x1738 DcomLaunch - ok
14:51:59.0015 0x1738 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:51:59.0040 0x1738 defragsvc - ok
14:51:59.0055 0x1738 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:51:59.0075 0x1738 DfsC - ok
14:51:59.0100 0x1738 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:51:59.0120 0x1738 Dhcp - ok
14:51:59.0200 0x1738 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
14:51:59.0230 0x1738 DiagTrack - ok
14:51:59.0270 0x1738 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:51:59.0290 0x1738 discache - ok
14:51:59.0345 0x1738 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
14:51:59.0350 0x1738 Disk - ok
14:51:59.0365 0x1738 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:51:59.0375 0x1738 dmvsc - ok
14:51:59.0395 0x1738 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:51:59.0405 0x1738 Dnscache - ok
14:51:59.0420 0x1738 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:51:59.0445 0x1738 dot3svc - ok
14:51:59.0480 0x1738 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:51:59.0500 0x1738 DPS - ok
14:51:59.0550 0x1738 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:51:59.0560 0x1738 drmkaud - ok
14:51:59.0590 0x1738 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:51:59.0600 0x1738 dtsoftbus01 - ok
14:51:59.0660 0x1738 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:51:59.0680 0x1738 DXGKrnl - ok
14:51:59.0705 0x1738 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
14:51:59.0715 0x1738 E1G60 - ok
14:51:59.0747 0x1738 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:51:59.0767 0x1738 EapHost - ok
14:51:59.0847 0x1738 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:51:59.0902 0x1738 ebdrv - ok
14:51:59.0932 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS C:\Windows\System32\lsass.exe
14:51:59.0937 0x1738 EFS - ok
14:51:59.0998 0x1738 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:52:00.0028 0x1738 ehRecvr - ok
14:52:00.0033 0x1738 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:52:00.0043 0x1738 ehSched - ok
14:52:00.0083 0x1738 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:52:00.0093 0x1738 elxstor - ok
14:52:00.0113 0x1738 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:52:00.0118 0x1738 ErrDev - ok
14:52:00.0158 0x1738 [ 39EC51A5BC3E1C0D438E8AC70956DE0A, 456AE9C6E059442CA627AAB667CA498AA6F6A6812A177DCCB36D9CC24F11231A ] ETD C:\Windows\system32\DRIVERS\ETD.sys
14:52:00.0168 0x1738 ETD - ok
14:52:00.0218 0x1738 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:52:00.0243 0x1738 EventSystem - ok
14:52:00.0283 0x1738 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:52:00.0308 0x1738 exfat - ok
14:52:00.0343 0x1738 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:52:00.0363 0x1738 fastfat - ok
14:52:00.0408 0x1738 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:52:00.0428 0x1738 Fax - ok
14:52:00.0443 0x1738 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
14:52:00.0448 0x1738 fdc - ok
14:52:00.0478 0x1738 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:52:00.0503 0x1738 fdPHost - ok
14:52:00.0503 0x1738 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:52:00.0528 0x1738 FDResPub - ok
14:52:00.0548 0x1738 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:52:00.0558 0x1738 FileInfo - ok
14:52:00.0563 0x1738 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:52:00.0588 0x1738 Filetrace - ok
14:52:00.0703 0x1738 [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
14:52:00.0723 0x1738 FlexNet Licensing Service - ok
14:52:00.0813 0x1738 [ 668D43EFEB7F129584100CF6320E8A6F, 093254127A63420F93001BA63CF323AA4C17A38914D5B991E31F3B8C1971E9D7 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
14:52:00.0838 0x1738 FlexNet Licensing Service 64 - ok
14:52:00.0853 0x1738 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:52:00.0858 0x1738 flpydisk - ok
14:52:00.0878 0x1738 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:52:00.0888 0x1738 FltMgr - ok
14:52:00.0953 0x1738 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
14:52:00.0978 0x1738 FontCache - ok
14:52:01.0008 0x1738 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:52:01.0013 0x1738 FontCache3.0.0.0 - ok
14:52:01.0028 0x1738 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:52:01.0033 0x1738 FsDepends - ok
14:52:01.0058 0x1738 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:52:01.0068 0x1738 Fs_Rec - ok
14:52:01.0098 0x1738 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:52:01.0113 0x1738 fvevol - ok
14:52:01.0148 0x1738 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:52:01.0158 0x1738 gagp30kx - ok
14:52:01.0243 0x1738 [ CBD39E74C61C3A3EF695DB25792F32E6, 95454F245DB818227BFE92EBA927A68FA78FB87E7BF5C28761046FF36C56CF32 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:52:01.0268 0x1738 GfExperienceService - ok
14:52:01.0313 0x1738 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:52:01.0343 0x1738 gpsvc - ok
14:52:01.0393 0x1738 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:01.0403 0x1738 gupdate - ok
14:52:01.0403 0x1738 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:01.0408 0x1738 gupdatem - ok
14:52:01.0448 0x1738 [ 9D327D726F1F805CCC33AD7D40B01747, 4EC94313FE623D478D66686E4028D3D100704B1E4E54B45224E3817D01CFF631 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:52:01.0458 0x1738 hamachi - ok
14:52:01.0498 0x1738 Hamachi2Svc - ok
14:52:01.0548 0x1738 [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon C:\Windows\system32\drivers\hcmon.sys
14:52:01.0558 0x1738 hcmon - ok
14:52:01.0573 0x1738 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:52:01.0583 0x1738 hcw85cir - ok
14:52:01.0623 0x1738 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:52:01.0638 0x1738 HdAudAddService - ok
14:52:01.0648 0x1738 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:52:01.0658 0x1738 HDAudBus - ok
14:52:01.0673 0x1738 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:52:01.0683 0x1738 HidBatt - ok
14:52:01.0693 0x1738 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:52:01.0703 0x1738 HidBth - ok
14:52:01.0723 0x1738 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
14:52:01.0733 0x1738 HidIr - ok
14:52:01.0758 0x1738 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:52:01.0778 0x1738 hidserv - ok
14:52:01.0823 0x1738 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:52:01.0833 0x1738 HidUsb - ok
14:52:01.0868 0x1738 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:52:01.0888 0x1738 hkmsvc - ok
14:52:01.0903 0x1738 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:52:01.0918 0x1738 HomeGroupListener - ok
14:52:01.0928 0x1738 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:52:01.0938 0x1738 HomeGroupProvider - ok
14:52:01.0983 0x1738 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:52:01.0988 0x1738 HpSAMD - ok
14:52:02.0053 0x1738 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:52:02.0073 0x1738 HTTP - ok
14:52:02.0088 0x1738 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:52:02.0098 0x1738 hwpolicy - ok
14:52:02.0103 0x1738 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:52:02.0113 0x1738 i8042prt - ok
14:52:02.0148 0x1738 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:52:02.0163 0x1738 iaStorV - ok
14:52:02.0218 0x1738 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:52:02.0238 0x1738 idsvc - ok
14:52:02.0248 0x1738 IEEtwCollectorService - ok
14:52:02.0798 0x1738 [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:52:02.0878 0x1738 igfx - ok
14:52:02.0923 0x1738 [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
14:52:02.0938 0x1738 igfxCUIService1.0.0.0 - ok
14:52:02.0968 0x1738 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:52:02.0973 0x1738 iirsp - ok
14:52:03.0033 0x1738 [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
14:52:03.0043 0x1738 IISADMIN - ok
14:52:03.0133 0x1738 [ C5E4602D85029C666A42890A3B2DFA45, 0D462704C507A83CB447AA0DF8A9FFAE2A16DD2D6882798E26C03F8B2C8A2C62 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
14:52:03.0138 0x1738 IJPLMSVC - ok
14:52:03.0178 0x1738 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:52:03.0198 0x1738 IKEEXT - ok
14:52:03.0313 0x1738 [ D739148367AAE1DA0C12160DE141ECED, 471E6EA03F2BD7DD1E2812B56EFB00EDDCAA87E974833B75114B8EE93DC358A5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:52:03.0368 0x1738 IntcAzAudAddService - ok
14:52:03.0408 0x1738 [ 9D01DDF5EA8494BBCBB73FF385E35D35, C575DC65275BEA8558A855C7DC6CFA84BD7F48D24BB0C522084E89DDC5CB02A7 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:52:03.0423 0x1738 IntcDAud - ok
14:52:03.0453 0x1738 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:52:03.0458 0x1738 intelide - ok
14:52:03.0478 0x1738 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:52:03.0488 0x1738 intelppm - ok
14:52:03.0523 0x1738 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:52:03.0548 0x1738 IPBusEnum - ok
14:52:03.0558 0x1738 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:52:03.0578 0x1738 IpFilterDriver - ok
14:52:03.0638 0x1738 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:52:03.0653 0x1738 iphlpsvc - ok
14:52:03.0668 0x1738 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:52:03.0678 0x1738 IPMIDRV - ok
14:52:03.0693 0x1738 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:52:03.0718 0x1738 IPNAT - ok
14:52:03.0748 0x1738 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:52:03.0758 0x1738 IRENUM - ok
14:52:03.0773 0x1738 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:52:03.0778 0x1738 isapnp - ok
14:52:03.0813 0x1738 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:52:03.0823 0x1738 iScsiPrt - ok
14:52:03.0843 0x1738 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:52:03.0850 0x1738 kbdclass - ok
14:52:03.0871 0x1738 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:52:03.0876 0x1738 kbdhid - ok
14:52:03.0896 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso C:\Windows\system32\lsass.exe
14:52:03.0906 0x1738 KeyIso - ok
14:52:03.0936 0x1738 [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:52:03.0946 0x1738 KSecDD - ok
14:52:03.0956 0x1738 [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:52:03.0961 0x1738 KSecPkg - ok
14:52:03.0971 0x1738 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:52:03.0991 0x1738 ksthunk - ok
14:52:04.0026 0x1738 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:52:04.0051 0x1738 KtmRm - ok
14:52:04.0091 0x1738 [ A6131EE7C440992458688C7D0989C584, 94FEB4A6677262BAA590F77329141D9F539D3466D6E9473D639880AA6D5A103C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
14:52:04.0096 0x1738 L1C - ok
14:52:04.0156 0x1738 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
14:52:04.0166 0x1738 LADF_CaptureOnly - ok
14:52:04.0181 0x1738 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
14:52:04.0191 0x1738 LADF_RenderOnly - ok
14:52:04.0226 0x1738 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:52:04.0251 0x1738 LanmanServer - ok
14:52:04.0291 0x1738 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:52:04.0316 0x1738 LanmanWorkstation - ok
14:52:04.0376 0x1738 [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
14:52:04.0386 0x1738 LGBusEnum - ok
14:52:04.0401 0x1738 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys
14:52:04.0411 0x1738 LGJoyXlCore - ok
14:52:04.0441 0x1738 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
14:52:04.0446 0x1738 LGSUsbFilt - ok
14:52:04.0491 0x1738 [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
14:52:04.0501 0x1738 LGVirHid - ok
14:52:04.0531 0x1738 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:52:04.0556 0x1738 lltdio - ok
14:52:04.0591 0x1738 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:52:04.0616 0x1738 lltdsvc - ok
14:52:04.0641 0x1738 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:52:04.0666 0x1738 lmhosts - ok
14:52:04.0691 0x1738 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:52:04.0696 0x1738 LSI_FC - ok
14:52:04.0726 0x1738 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:52:04.0736 0x1738 LSI_SAS - ok
14:52:04.0746 0x1738 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:52:04.0751 0x1738 LSI_SAS2 - ok
14:52:04.0761 0x1738 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:52:04.0771 0x1738 LSI_SCSI - ok
14:52:04.0796 0x1738 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:52:04.0821 0x1738 luafv - ok
14:52:04.0841 0x1738 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
14:52:04.0846 0x1738 MBfilt - ok
14:52:04.0875 0x1738 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:52:04.0885 0x1738 Mcx2Svc - ok
14:52:04.0905 0x1738 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
14:52:04.0915 0x1738 megasas - ok
14:52:04.0935 0x1738 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:52:04.0945 0x1738 MegaSR - ok
14:52:04.0980 0x1738 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:52:04.0990 0x1738 MEIx64 - ok
14:52:05.0000 0x1738 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:52:05.0025 0x1738 MMCSS - ok
14:52:05.0035 0x1738 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:52:05.0055 0x1738 Modem - ok
14:52:05.0070 0x1738 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:52:05.0080 0x1738 monitor - ok
14:52:05.0105 0x1738 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:52:05.0110 0x1738 mouclass - ok
14:52:05.0130 0x1738 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:52:05.0135 0x1738 mouhid - ok
14:52:05.0175 0x1738 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:52:05.0185 0x1738 mountmgr - ok
14:52:05.0265 0x1738 [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:52:05.0275 0x1738 MozillaMaintenance - ok
14:52:05.0305 0x1738 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:52:05.0315 0x1738 mpio - ok
14:52:05.0330 0x1738 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:52:05.0350 0x1738 mpsdrv - ok
14:52:05.0390 0x1738 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:52:05.0420 0x1738 MpsSvc - ok
14:52:05.0455 0x1738 [ CD22D2563039DDA6793F7624719363A7, 82C91467EDCB61B1DD086A1D25925E4D89E43EF6EFAE3C59AFF3D73280119AF6 ] MQAC C:\Windows\system32\drivers\mqac.sys
14:52:05.0465 0x1738 MQAC - ok
14:52:05.0490 0x1738 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:52:05.0500 0x1738 MRxDAV - ok
14:52:05.0530 0x1738 [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:52:05.0540 0x1738 mrxsmb - ok
14:52:05.0575 0x1738 [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:52:05.0585 0x1738 mrxsmb10 - ok
14:52:05.0615 0x1738 [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:52:05.0625 0x1738 mrxsmb20 - ok
14:52:05.0655 0x1738 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:52:05.0660 0x1738 msahci - ok
14:52:05.0690 0x1738 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:52:05.0700 0x1738 msdsm - ok
14:52:05.0705 0x1738 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:52:05.0720 0x1738 MSDTC - ok
14:52:05.0755 0x1738 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:52:05.0775 0x1738 Msfs - ok
14:52:05.0785 0x1738 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:52:05.0805 0x1738 mshidkmdf - ok
14:52:05.0810 0x1738 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:52:05.0820 0x1738 msisadrv - ok
14:52:05.0855 0x1738 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:52:05.0880 0x1738 MSiSCSI - ok
14:52:05.0880 0x1738 msiserver - ok
14:52:05.0900 0x1738 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:52:05.0920 0x1738 MSKSSRV - ok
14:52:05.0965 0x1738 [ FAAEAEF99E53561BEEE58F946CA56F0D, 78AC692C4B80616E4C44ED20954B8D2FCE2215056C2ED3522123E5B50A7CE67A ] MSMQ C:\Windows\system32\mqsvc.exe
14:52:05.0975 0x1738 MSMQ - ok
14:52:05.0990 0x1738 [ 59ED174FD4314B0218DC91F9BFA6CD3D, 13B95FA9892D09341CE46FA7EEB01FF9C88AA9DCB8FBF0A73FFAE567AAA4E02A ] MSMQTriggers C:\Windows\system32\mqtgsvc.exe
14:52:06.0000 0x1738 MSMQTriggers - ok
14:52:06.0015 0x1738 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:52:06.0040 0x1738 MSPCLOCK - ok
14:52:06.0070 0x1738 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:52:06.0095 0x1738 MSPQM - ok
14:52:06.0110 0x1738 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:52:06.0120 0x1738 MsRPC - ok
14:52:06.0138 0x1738 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:52:06.0145 0x1738 mssmbios - ok
14:52:06.0152 0x1738 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:52:06.0170 0x1738 MSTEE - ok
14:52:06.0180 0x1738 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:52:06.0190 0x1738 MTConfig - ok
14:52:06.0200 0x1738 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:52:06.0210 0x1738 Mup - ok
14:52:06.0240 0x1738 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:52:06.0265 0x1738 napagent - ok
14:52:06.0290 0x1738 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:52:06.0305 0x1738 NativeWifiP - ok
14:52:06.0350 0x1738 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:52:06.0370 0x1738 NDIS - ok
14:52:06.0385 0x1738 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:52:06.0405 0x1738 NdisCap - ok
14:52:06.0430 0x1738 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:52:06.0450 0x1738 NdisTapi - ok
14:52:06.0465 0x1738 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:52:06.0485 0x1738 Ndisuio - ok
14:52:06.0495 0x1738 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:52:06.0520 0x1738 NdisWan - ok
14:52:06.0530 0x1738 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:52:06.0555 0x1738 NDProxy - ok
14:52:06.0570 0x1738 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:52:06.0590 0x1738 NetBIOS - ok
14:52:06.0605 0x1738 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:52:06.0630 0x1738 NetBT - ok
14:52:06.0650 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon C:\Windows\system32\lsass.exe
14:52:06.0660 0x1738 Netlogon - ok
14:52:06.0695 0x1738 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:52:06.0720 0x1738 Netman - ok
14:52:06.0785 0x1738 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0795 0x1738 NetMsmqActivator - ok
14:52:06.0800 0x1738 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0810 0x1738 NetPipeActivator - ok
14:52:06.0835 0x1738 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:52:06.0860 0x1738 netprofm - ok
14:52:06.0875 0x1738 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0885 0x1738 NetTcpActivator - ok
14:52:06.0890 0x1738 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:06.0900 0x1738 NetTcpPortSharing - ok
14:52:06.0920 0x1738 [ 1D0FA98056D436B14C2BBBF450B59866, 51B796C9AE64079A9F07FD0645488043B942A141CB2FFAB3D36010FFF4BA770F ] networx C:\Windows\system32\drivers\networx.sys
14:52:06.0930 0x1738 networx - ok
14:52:06.0965 0x1738 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:52:06.0970 0x1738 nfrd960 - ok
14:52:07.0111 0x1738 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:52:07.0121 0x1738 NlaSvc - ok
14:52:07.0361 0x1738 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\Windows\system32\drivers\npf.sys
14:52:07.0366 0x1738 npf - ok
14:52:07.0381 0x1738 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:52:07.0421 0x1738 Npfs - ok
14:52:07.0431 0x1738 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:52:07.0451 0x1738 nsi - ok
14:52:07.0501 0x1738 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:52:07.0521 0x1738 nsiproxy - ok
14:52:07.0681 0x1738 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:52:07.0716 0x1738 Ntfs - ok
14:52:07.0741 0x1738 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:52:07.0766 0x1738 Null - ok
14:52:08.0261 0x1738 [ DA35308DEDB50C91EFD46B42F991DE26, 86E72D446014ED655E3DD2BB85A1A21BF0BF3C0EE5266E8E3D893FCDE25F9BE4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:52:08.0451 0x1738 nvlddmkm - ok
14:52:08.0541 0x1738 [ 855093AFA0B795914D6DD5EF4796D38C, A19B94449DBA50BCC2C09D42DEA1BF29CEF3C79B8F7F384904189A579AAA85A0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:52:08.0576 0x1738 NvNetworkService - ok
14:52:08.0606 0x1738 [ 125610D6C319C94D161CF58D525F6E68, 6148EC12096219466C7969B8AD790F97A20B5033C7B212E8EACD74AB85BBD7F9 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
14:52:08.0611 0x1738 nvpciflt - ok
14:52:08.0651 0x1738 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:52:08.0656 0x1738 nvraid - ok
14:52:08.0686 0x1738 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:52:08.0691 0x1738 nvstor - ok
14:52:08.0766 0x1738 [ BD96CA245DA2933BB68605D0C2075A72, E406CD97FA1A640C1C5FE01B360A0A9DED6E696F2765E395C16AAFF59F24B7B4 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:52:08.0776 0x1738 NvStreamKms - ok
14:52:08.0946 0x1738 [ CF27CDA72455B4A7853ED98CFC57218A, D66C3AECF8AAE38ED2DAFF9ABB38FE0301A85375250A8CDEF50F68DECE8BBC64 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
14:52:09.0046 0x1738 NvStreamNetworkSvc - ok
14:52:09.0171 0x1738 [ 40BA84AD3348573609095D8F3FD2DA9F, FF68F2352AFCB8C278A2E704F3E9DCC4393299DEAECD9ACF96F2D7FD9830EDF1 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:52:09.0251 0x1738 NvStreamSvc - ok
14:52:09.0306 0x1738 [ A9FE27CA00E66C455520E8B75883B630, D2FEFC75C0881ECC0A80EA2DD92DD9D2A28EB26F81085F8C17DCEA3F717D86E9 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:52:09.0331 0x1738 nvsvc - ok
14:52:09.0361 0x1738 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:52:09.0366 0x1738 nvvad_WaveExtensible - ok
14:52:09.0391 0x1738 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:52:09.0401 0x1738 nv_agp - ok
14:52:09.0421 0x1738 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:52:09.0431 0x1738 ohci1394 - ok
14:52:09.0511 0x1738 [ 4DE56CE5F4F191C6F040B6C8AA776794, 19E61A561AEE7B49C6B0915EE0FA66047930D46B5FF233608F368A5FF824A156 ] OpenVPNService F:\Programme\OpenVPN\bin\openvpnserv.exe
14:52:09.0516 0x1738 OpenVPNService - ok
14:52:09.0566 0x1738 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:52:09.0576 0x1738 ose - ok
14:52:09.0681 0x1738 [ 705E5D37BDCB2236923E517D8338F587, D2A2605F15A12B65ED8EA0A0F818368D440FD7C9C8C4F6D28092D671A51C86DB ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
14:52:09.0701 0x1738 OverwolfUpdater - ok
14:52:09.0726 0x1738 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:52:09.0741 0x1738 p2pimsvc - ok
14:52:09.0776 0x1738 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:52:09.0786 0x1738 p2psvc - ok
14:52:09.0811 0x1738 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
14:52:09.0821 0x1738 Parport - ok
14:52:09.0841 0x1738 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:52:09.0851 0x1738 partmgr - ok
14:52:09.0921 0x1738 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:52:09.0936 0x1738 PcaSvc - ok
14:52:09.0996 0x1738 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:52:10.0006 0x1738 pci - ok
14:52:10.0021 0x1738 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:52:10.0031 0x1738 pciide - ok
14:52:10.0051 0x1738 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:52:10.0061 0x1738 pcmcia - ok
14:52:10.0066 0x1738 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:52:10.0076 0x1738 pcw - ok
14:52:10.0121 0x1738 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:52:10.0141 0x1738 PEAUTH - ok
14:52:10.0191 0x1738 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:52:10.0221 0x1738 PeerDistSvc - ok
14:52:10.0291 0x1738 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:52:10.0301 0x1738 PerfHost - ok
14:52:10.0341 0x1738 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:52:10.0381 0x1738 pla - ok
14:52:10.0431 0x1738 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:52:10.0446 0x1738 PlugPlay - ok
14:52:10.0451 0x1738 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:52:10.0461 0x1738 PNRPAutoReg - ok
14:52:10.0481 0x1738 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:52:10.0496 0x1738 PNRPsvc - ok
14:52:10.0531 0x1738 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:52:10.0561 0x1738 PolicyAgent - ok
14:52:10.0576 0x1738 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:52:10.0601 0x1738 Power - ok
14:52:10.0626 0x1738 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:52:10.0646 0x1738 PptpMiniport - ok
14:52:10.0656 0x1738 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
14:52:10.0666 0x1738 Processor - ok
14:52:10.0681 0x1738 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:52:10.0691 0x1738 ProfSvc - ok
14:52:10.0706 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:52:10.0711 0x1738 ProtectedStorage - ok
14:52:10.0741 0x1738 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:52:10.0761 0x1738 Psched - ok
14:52:10.0816 0x1738 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:52:10.0846 0x1738 ql2300 - ok
14:52:10.0872 0x1738 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:52:10.0882 0x1738 ql40xx - ok
14:52:10.0907 0x1738 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:52:10.0922 0x1738 QWAVE - ok
14:52:10.0932 0x1738 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:52:10.0942 0x1738 QWAVEdrv - ok
14:52:10.0952 0x1738 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:52:10.0977 0x1738 RasAcd - ok
14:52:11.0012 0x1738 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:52:11.0032 0x1738 RasAgileVpn - ok
14:52:11.0058 0x1738 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:52:11.0081 0x1738 RasAuto - ok
14:52:11.0091 0x1738 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:52:11.0116 0x1738 Rasl2tp - ok
14:52:11.0136 0x1738 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:52:11.0161 0x1738 RasMan - ok
14:52:11.0176 0x1738 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:52:11.0196 0x1738 RasPppoe - ok
14:52:11.0211 0x1738 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:52:11.0236 0x1738 RasSstp - ok
14:52:11.0261 0x1738 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:52:11.0286 0x1738 rdbss - ok
14:52:11.0301 0x1738 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:52:11.0308 0x1738 rdpbus - ok
14:52:11.0354 0x1738 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:52:11.0379 0x1738 RDPCDD - ok
14:52:11.0402 0x1738 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:52:11.0412 0x1738 RDPDR - ok
14:52:11.0417 0x1738 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:52:11.0437 0x1738 RDPENCDD - ok
14:52:11.0452 0x1738 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:52:11.0472 0x1738 RDPREFMP - ok
14:52:11.0538 0x1738 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:52:11.0546 0x1738 RdpVideoMiniport - ok
14:52:11.0567 0x1738 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:52:11.0579 0x1738 RDPWD - ok
14:52:11.0614 0x1738 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:52:11.0624 0x1738 rdyboost - ok
14:52:11.0646 0x1738 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:52:11.0668 0x1738 RemoteAccess - ok
14:52:11.0683 0x1738 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:52:11.0708 0x1738 RemoteRegistry - ok
14:52:11.0743 0x1738 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:52:11.0753 0x1738 RFCOMM - ok
14:52:11.0788 0x1738 [ 5BD6B1EC997FF3DD779D62E05D2079A8, BE4BDE29C134BAEDE4D35C777F2C6195F8C12FEF4583FAD2A442F8D1678B7FF7 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
14:52:11.0798 0x1738 RMCAST - ok
14:52:11.0808 0x1738 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:52:11.0828 0x1738 RpcEptMapper - ok
14:52:11.0843 0x1738 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:52:11.0853 0x1738 RpcLocator - ok
14:52:11.0885 0x1738 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
14:52:11.0905 0x1738 RpcSs - ok
14:52:11.0923 0x1738 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:52:11.0948 0x1738 rspndr - ok
14:52:11.0983 0x1738 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:52:11.0993 0x1738 RSUSBSTOR - ok
14:52:12.0038 0x1738 [ F84917461BDB7C51B2ED7FF062B3A64A, 0DC81BA49BDDB4F425F526A21357E1CF70C94D67E99B3020E9FF14B680851EEC ] RTWlanE C:\Windows\system32\DRIVERS\rtwlane.sys
14:52:12.0068 0x1738 RTWlanE - ok
14:52:12.0087 0x1738 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:52:12.0098 0x1738 s3cap - ok
14:52:12.0112 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs C:\Windows\system32\lsass.exe
14:52:12.0119 0x1738 SamSs - ok
14:52:12.0138 0x1738 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:52:12.0148 0x1738 sbp2port - ok
14:52:12.0168 0x1738 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:52:12.0198 0x1738 SCardSvr - ok
14:52:12.0213 0x1738 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:52:12.0238 0x1738 scfilter - ok
14:52:12.0288 0x1738 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
14:52:12.0318 0x1738 Schedule - ok
14:52:12.0338 0x1738 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:52:12.0358 0x1738 SCPolicySvc - ok
14:52:12.0383 0x1738 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:52:12.0393 0x1738 SDRSVC - ok
14:52:12.0414 0x1738 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:52:12.0431 0x1738 secdrv - ok
14:52:12.0452 0x1738 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
14:52:12.0461 0x1738 seclogon - ok
14:52:12.0468 0x1738 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:52:12.0493 0x1738 SENS - ok
14:52:12.0503 0x1738 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:52:12.0512 0x1738 SensrSvc - ok
14:52:12.0521 0x1738 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:52:12.0530 0x1738 Serenum - ok
14:52:12.0551 0x1738 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
14:52:12.0561 0x1738 Serial - ok
14:52:12.0586 0x1738 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:52:12.0596 0x1738 sermouse - ok
14:52:12.0628 0x1738 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:52:12.0653 0x1738 SessionEnv - ok
14:52:12.0663 0x1738 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:52:12.0673 0x1738 sffdisk - ok
14:52:12.0683 0x1738 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:52:12.0692 0x1738 sffp_mmc - ok
14:52:12.0729 0x1738 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:52:12.0739 0x1738 sffp_sd - ok
14:52:12.0793 0x1738 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:52:12.0801 0x1738 sfloppy - ok
14:52:12.0924 0x1738 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:52:12.0952 0x1738 SharedAccess - ok
14:52:12.0985 0x1738 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:52:13.0014 0x1738 ShellHWDetection - ok
14:52:13.0042 0x1738 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:52:13.0050 0x1738 SiSRaid2 - ok
14:52:13.0068 0x1738 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:52:13.0075 0x1738 SiSRaid4 - ok
14:52:13.0160 0x1738 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:52:13.0172 0x1738 SkypeUpdate - ok
14:52:13.0199 0x1738 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:52:13.0223 0x1738 Smb - ok
14:52:13.0270 0x1738 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:52:13.0280 0x1738 SNMPTRAP - ok
14:52:13.0355 0x1738 [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
14:52:13.0359 0x1738 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:52:15.0960 0x1738 Detect skipped due to KSN trusted
14:52:15.0960 0x1738 SolidWorks Licensing Service - ok
14:52:16.0011 0x1738 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:52:16.0018 0x1738 spldr - ok
14:52:16.0054 0x1738 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:52:16.0071 0x1738 Spooler - ok
14:52:16.0166 0x1738 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:52:16.0243 0x1738 sppsvc - ok
14:52:16.0261 0x1738 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:52:16.0284 0x1738 sppuinotify - ok
14:52:16.0314 0x1738 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:52:16.0330 0x1738 srv - ok
14:52:16.0346 0x1738 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:52:16.0360 0x1738 srv2 - ok
14:52:16.0370 0x1738 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:52:16.0380 0x1738 srvnet - ok
14:52:16.0408 0x1738 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:52:16.0435 0x1738 SSDPSRV - ok
14:52:16.0444 0x1738 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:52:16.0469 0x1738 SstpSvc - ok
14:52:16.0547 0x1738 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:52:16.0564 0x1738 Steam Client Service - ok
14:52:16.0587 0x1738 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:52:16.0594 0x1738 stexstor - ok
14:52:16.0631 0x1738 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:52:16.0652 0x1738 stisvc - ok
14:52:16.0668 0x1738 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:52:16.0673 0x1738 storflt - ok
14:52:16.0703 0x1738 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
14:52:16.0712 0x1738 StorSvc - ok
14:52:16.0735 0x1738 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:52:16.0742 0x1738 storvsc - ok
14:52:16.0756 0x1738 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:52:16.0761 0x1738 swenum - ok
14:52:16.0786 0x1738 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:52:16.0816 0x1738 swprv - ok
14:52:16.0826 0x1738 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
14:52:16.0836 0x1738 Synth3dVsc - ok
14:52:16.0906 0x1738 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
14:52:16.0941 0x1738 SysMain - ok
14:52:16.0961 0x1738 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:52:16.0979 0x1738 TabletInputService - ok
14:52:17.0044 0x1738 [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
14:52:17.0052 0x1738 tap0901 - ok
14:52:17.0090 0x1738 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:52:17.0116 0x1738 TapiSrv - ok
14:52:17.0230 0x1738 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:52:17.0264 0x1738 Tcpip - ok
14:52:17.0330 0x1738 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:52:17.0364 0x1738 TCPIP6 - ok
14:52:17.0389 0x1738 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:52:17.0399 0x1738 tcpipreg - ok
14:52:17.0424 0x1738 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:52:17.0434 0x1738 TDPIPE - ok
14:52:17.0454 0x1738 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:52:17.0464 0x1738 TDTCP - ok
14:52:17.0494 0x1738 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:52:17.0504 0x1738 tdx - ok
14:52:17.0679 0x1738 [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9 F:\Programme\Neuer Ordner\TeamViewer_Service.exe
14:52:17.0758 0x1738 TeamViewer9 - ok
14:52:17.0798 0x1738 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:52:17.0808 0x1738 TermDD - ok
14:52:17.0840 0x1738 [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt C:\Windows\system32\drivers\terminpt.sys
14:52:17.0847 0x1738 terminpt - ok
14:52:17.0878 0x1738 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:52:17.0897 0x1738 TermService - ok
14:52:17.0912 0x1738 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:52:17.0924 0x1738 Themes - ok
14:52:17.0941 0x1738 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:52:17.0966 0x1738 THREADORDER - ok
14:52:18.0001 0x1738 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:52:18.0021 0x1738 TrkWks - ok
14:52:18.0136 0x1738 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:52:18.0156 0x1738 TrustedInstaller - ok
14:52:18.0210 0x1738 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:52:18.0215 0x1738 tssecsrv - ok
14:52:18.0245 0x1738 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:52:18.0255 0x1738 TsUsbFlt - ok
14:52:18.0285 0x1738 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:52:18.0295 0x1738 TsUsbGD - ok
14:52:18.0320 0x1738 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
14:52:18.0330 0x1738 tsusbhub - ok
14:52:18.0355 0x1738 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:52:18.0380 0x1738 tunnel - ok
14:52:18.0395 0x1738 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:52:18.0400 0x1738 uagp35 - ok
14:52:18.0420 0x1738 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:52:18.0445 0x1228 Object required for P2P: [ CF27CDA72455B4A7853ED98CFC57218A ] NvStreamNetworkSvc
14:52:18.0450 0x1738 udfs - ok
14:52:18.0470 0x1738 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:52:18.0480 0x1738 UI0Detect - ok
14:52:18.0500 0x1738 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:52:18.0510 0x1738 uliagpkx - ok
14:52:18.0530 0x1738 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:52:18.0540 0x1738 umbus - ok
14:52:18.0565 0x1738 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
14:52:18.0570 0x1738 UmPass - ok
14:52:18.0585 0x1738 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:52:18.0595 0x1738 UmRdpService - ok
14:52:18.0610 0x1738 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:52:18.0635 0x1738 upnphost - ok
14:52:18.0660 0x1738 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:52:18.0665 0x1738 usbaudio - ok
14:52:18.0710 0x1738 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:52:18.0715 0x1738 usbccgp - ok
14:52:18.0735 0x1738 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:52:18.0745 0x1738 usbcir - ok
14:52:18.0760 0x1738 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:52:18.0765 0x1738 usbehci - ok
14:52:18.0790 0x1738 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:52:18.0805 0x1738 usbhub - ok
14:52:18.0820 0x1738 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:52:18.0830 0x1738 usbohci - ok
14:52:18.0864 0x1738 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:52:18.0873 0x1738 usbprint - ok
14:52:18.0895 0x1738 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:52:18.0900 0x1738 usbscan - ok
14:52:18.0940 0x1738 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
14:52:18.0945 0x1738 usbser - ok
14:52:18.0975 0x1738 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:52:18.0985 0x1738 USBSTOR - ok
14:52:19.0015 0x1738 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:52:19.0025 0x1738 usbuhci - ok
14:52:19.0075 0x1738 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:52:19.0085 0x1738 usbvideo - ok
14:52:19.0105 0x1738 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:52:19.0125 0x1738 UxSms - ok
14:52:19.0140 0x1738 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc C:\Windows\system32\lsass.exe
14:52:19.0145 0x1738 VaultSvc - ok
14:52:19.0185 0x1738 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:52:19.0190 0x1738 vdrvroot - ok
14:52:19.0215 0x1738 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:52:19.0245 0x1738 vds - ok
14:52:19.0255 0x1738 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:52:19.0265 0x1738 vga - ok
14:52:19.0275 0x1738 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:52:19.0300 0x1738 VgaSave - ok
14:52:19.0300 0x1738 VGPU - ok
14:52:19.0315 0x1738 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:52:19.0325 0x1738 vhdmp - ok
14:52:19.0355 0x1738 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:52:19.0360 0x1738 viaide - ok
14:52:19.0455 0x1738 [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService F:\Programme\VMware\vmware-authd.exe
14:52:19.0460 0x1738 VMAuthdService - ok
14:52:19.0505 0x1738 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:52:19.0513 0x1738 vmbus - ok
14:52:19.0524 0x1738 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:52:19.0529 0x1738 VMBusHID - ok
14:52:19.0549 0x1738 [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\Windows\system32\DRIVERS\vmci.sys
14:52:19.0554 0x1738 vmci - ok
14:52:19.0588 0x1738 [ 4F19996D0765835797EC7B5F35D12240, FD4D222A373C3DF2B9FC7877C0EC050BF71A6C700FB52984E44FD25E49755A11 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
14:52:19.0593 0x1738 vmkbd - ok
14:52:19.0603 0x1738 [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:52:19.0609 0x1738 VMnetAdapter - ok
14:52:19.0639 0x1738 [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:52:19.0648 0x1738 VMnetBridge - ok
14:52:19.0650 0x1738 VMnetDHCP - ok
14:52:19.0665 0x1738 [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
14:52:19.0672 0x1738 VMnetuserif - ok
14:52:19.0702 0x1738 [ 5E6B64631689382413131EF2E959E35D, 2C7CC2735B60CD05854AB19418BB637105A4D5FA114F56EDC40D82B8B430F107 ] vmusb C:\Windows\system32\DRIVERS\vmusb.sys
14:52:19.0709 0x1738 vmusb - ok
14:52:19.0761 0x1738 [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
14:52:19.0781 0x1738 VMUSBArbService - ok
14:52:19.0781 0x1738 VMware NAT Service - ok
14:52:19.0802 0x1738 [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
14:52:19.0812 0x1738 vmx86 - ok
14:52:19.0822 0x1738 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:52:19.0832 0x1738 volmgr - ok
14:52:19.0867 0x1738 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:52:19.0882 0x1738 volmgrx - ok
14:52:19.0897 0x1738 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:52:19.0907 0x1738 volsnap - ok
14:52:19.0933 0x1738 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:52:19.0943 0x1738 vsmraid - ok
14:52:19.0954 0x1738 [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock C:\Windows\system32\drivers\vsock.sys
14:52:19.0959 0x1738 vsock - ok
14:52:20.0004 0x1738 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:52:20.0049 0x1738 VSS - ok
14:52:20.0174 0x1738 [ 6BFD538788E468AE314173C6E7C0E7AC, 7C4D7C4E96AFDEE5E3F698486B03291AC75428AA4B4120FD7412EAA3398BB4CD ] vToolbarUpdater3.5.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
14:52:20.0204 0x1738 vToolbarUpdater3.5.0 - ok
14:52:20.0224 0x1738 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:52:20.0234 0x1738 vwifibus - ok
14:52:20.0239 0x1738 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:52:20.0249 0x1738 vwififlt - ok
14:52:20.0259 0x1738 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:52:20.0269 0x1738 vwifimp - ok
14:52:20.0304 0x1738 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:52:20.0334 0x1738 W32Time - ok
14:52:20.0399 0x1738 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
14:52:20.0414 0x1738 W3SVC - ok
14:52:20.0434 0x1738 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:52:20.0439 0x1738 WacomPen - ok
14:52:20.0463 0x1738 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:52:20.0483 0x1738 WANARP - ok
14:52:20.0493 0x1738 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:52:20.0518 0x1738 Wanarpv6 - ok
14:52:20.0553 0x1738 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
14:52:20.0568 0x1738 WAS - ok
14:52:20.0642 0x1738 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:52:20.0669 0x1738 WatAdminSvc - ok
14:52:20.0726 0x1738 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:52:20.0761 0x1738 wbengine - ok
14:52:20.0771 0x1738 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:52:20.0786 0x1738 WbioSrvc - ok
14:52:20.0806 0x1738 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:52:20.0821 0x1738 wcncsvc - ok
14:52:20.0836 0x1738 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:52:20.0846 0x1738 WcsPlugInService - ok
14:52:20.0871 0x1738 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
14:52:20.0876 0x1738 Wd - ok
14:52:21.0039 0x1738 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:52:21.0058 0x1738 Wdf01000 - ok
14:52:21.0084 0x1738 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:52:21.0094 0x1738 WdiServiceHost - ok
14:52:21.0097 0x1738 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:52:21.0106 0x1738 WdiSystemHost - ok
14:52:21.0130 0x1738 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
14:52:21.0142 0x1738 WebClient - ok
14:52:21.0143 0x1228 Object send P2P result: true
14:52:21.0145 0x1228 Object required for P2P: [ A9FE27CA00E66C455520E8B75883B630 ] nvsvc
14:52:21.0168 0x1738 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:52:21.0198 0x1738 Wecsvc - ok
14:52:21.0213 0x1738 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:52:21.0233 0x1738 wercplsupport - ok
14:52:21.0263 0x1738 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:52:21.0288 0x1738 WerSvc - ok
14:52:21.0318 0x1738 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:52:21.0343 0x1738 WfpLwf - ok
14:52:21.0353 0x1738 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:52:21.0358 0x1738 WIMMount - ok
14:52:21.0378 0x1738 WinDefend - ok
14:52:21.0383 0x1738 WinHttpAutoProxySvc - ok
14:52:21.0443 0x1738 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:52:21.0468 0x1738 Winmgmt - ok
14:52:21.0523 0x1738 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:52:21.0563 0x1738 WinRM - ok
14:52:21.0598 0x1738 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:52:21.0608 0x1738 WinUsb - ok
14:52:21.0651 0x1738 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:52:21.0673 0x1738 Wlansvc - ok
14:52:21.0708 0x1738 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:52:21.0718 0x1738 WmiAcpi - ok
14:52:21.0747 0x1738 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:52:21.0760 0x1738 wmiApSrv - ok
14:52:21.0795 0x1738 WMPNetworkSvc - ok
14:52:21.0813 0x1738 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:52:21.0822 0x1738 WPCSvc - ok
14:52:21.0837 0x1738 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:52:21.0848 0x1738 WPDBusEnum - ok
14:52:21.0873 0x1738 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:52:21.0895 0x1738 ws2ifsl - ok
14:52:21.0911 0x1738 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:52:21.0925 0x1738 wscsvc - ok
14:52:21.0970 0x1738 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:52:21.0980 0x1738 WSDPrintDevice - ok
14:52:22.0005 0x1738 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
14:52:22.0013 0x1738 WSDScan - ok
14:52:22.0016 0x1738 WSearch - ok
14:52:22.0109 0x1738 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
14:52:22.0161 0x1738 wuauserv - ok
14:52:22.0185 0x1738 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:52:22.0193 0x1738 WudfPf - ok
14:52:22.0219 0x1738 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:52:22.0231 0x1738 WUDFRd - ok
14:52:22.0253 0x1738 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:52:22.0274 0x1738 wudfsvc - ok
14:52:22.0305 0x1738 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:52:22.0316 0x1738 WwanSvc - ok
14:52:22.0353 0x1738 ================ Scan global ===============================
14:52:22.0377 0x1738 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:52:22.0410 0x1738 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:52:22.0419 0x1738 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:52:22.0449 0x1738 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:52:22.0486 0x1738 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:52:22.0491 0x1738 [ Global ] - ok
14:52:22.0492 0x1738 ================ Scan MBR ==================================
14:52:22.0499 0x1738 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:52:23.0729 0x1228 Object send P2P result: true
14:52:26.0659 0x1738 \Device\Harddisk0\DR0 - ok
14:52:26.0659 0x1738 ================ Scan VBR ==================================
14:52:26.0660 0x1738 [ A705A0646D49F3C476282CEF4D3C1BC6 ] \Device\Harddisk0\DR0\Partition1
14:52:26.0712 0x1738 \Device\Harddisk0\DR0\Partition1 - ok
14:52:26.0727 0x1738 [ 90AC4E976B77ECBF5808B7EE69FEF4B1 ] \Device\Harddisk0\DR0\Partition2
14:52:26.0728 0x1738 \Device\Harddisk0\DR0\Partition2 - ok
14:52:26.0749 0x1738 [ 1D159B527AE398EA5CF10F7CF7FF6A8C ] \Device\Harddisk0\DR0\Partition3
14:52:26.0750 0x1738 \Device\Harddisk0\DR0\Partition3 - ok
14:52:26.0751 0x1738 ================ Scan generic autorun ======================
14:52:26.0783 0x1738 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:52:26.0794 0x1738 ShadowPlay - ok
14:52:27.0112 0x1738 [ E05849E5D0E51EB52080E7D2987B9D3B, E68E43CF0FFD69C193C5B692A019CE13D3FB58197E5827720B3ACDDE0812AAFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:52:27.0311 0x1738 RTHDVCPL - ok
14:52:27.0406 0x1738 [ F4CD6DA32F5FA8DF305C22A444DD7B5D, E8978FDB71597A4501429787E4729555C47292BD40AFDA2487C6D88DFDBD806C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:52:27.0451 0x1738 NvBackend - ok
14:52:27.0647 0x1738 [ D56A00F9BA547A10EB8F827DC2243E4B, AA41F0CC4D32134939637F38A87FF2302F219073CE5D605CDED6433F6E7BC995 ] F:\Programme\NetWorx\networx.exe
14:52:27.0827 0x1738 NetWorx - ok
14:52:27.0832 0x1738 MsmqIntCert - ok
14:52:27.0997 0x1738 [ FAE0703D9079B34BAA27202AFB06CBA8, D9D4AACBBDB1C8DD7CA34D8F0278C7B72713FE5213576CAD37BCE3FDBCF1B470 ] C:\Program Files (x86)\AVG\AVG2014\avgui.exe
14:52:28.0127 0x1738 AVG_UI - ok
14:52:28.0222 0x1738 [ BCAEE3BE2AA87180E00279BC7689A9F2, 5D244F29E992A8776C60A89C2F5F46D757A3A89338AEC17AF6B9B1FD2873BE5F ] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
14:52:28.0302 0x1738 vProt - ok
14:52:28.0353 0x1738 [ 059B8158C08C82C78DC6A8153A2467A4, 8E88DBC785CF679D238DC5CCBF0C79B03B30F742CF0FC6427AD0AD2AD5943169 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:52:28.0363 0x1738 SunJavaUpdateSched - ok
14:52:28.0443 0x1738 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0523 0x1738 Sidebar - ok
14:52:28.0543 0x1738 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0553 0x1738 mctadmin - ok
14:52:28.0573 0x1738 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0598 0x1738 Sidebar - ok
14:52:28.0603 0x1738 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0613 0x1738 mctadmin - ok
14:52:28.0673 0x1738 [ F25E2808F14C90D05B0363E59C016943, 94107D947061930DFD27A207FA33D365E376441777D740916A967C575BEDC4D9 ] C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe
14:52:28.0683 0x1738 appnhost - ok
14:52:28.0743 0x1738 [ E4DDD0E18D73C3333F141937281805DB, E021B04F9244F734BE29D766A243E0681D4ED003E75952A5EEEF24C961B214D6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
14:52:28.0783 0x1738 GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 - ok
14:52:28.0818 0x1738 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:52:28.0843 0x1738 Sidebar - ok
14:52:28.0853 0x1738 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:52:28.0863 0x1738 mctadmin - ok
14:52:28.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:29.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:30.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:31.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:32.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:33.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:34.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:35.0863 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:36.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:37.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:38.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:39.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:40.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:41.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:42.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:43.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:44.0864 0x1738 Waiting for KSN requests completion. In queue: 141
14:52:45.0864 0x1738 Waiting for KSN requests completion. In queue: 15
14:52:46.0864 0x1738 Waiting for KSN requests completion. In queue: 15
14:52:47.0864 0x1738 Waiting for KSN requests completion. In queue: 15
14:52:48.0864 0x1738 Waiting for KSN requests completion. In queue: 15
14:52:49.0943 0x1738 AV detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4855 ), 0x41000 ( enabled : updated )
14:52:49.0944 0x1738 FW detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4855 ), 0x41010 ( enabled )
14:52:53.0176 0x1738 ============================================================
14:52:53.0176 0x1738 Scan finished
14:52:53.0176 0x1738 ============================================================
14:52:53.0182 0x10f8 Detected object count: 2
14:52:53.0182 0x10f8 Actual detected object count: 2
14:53:26.0465 0x10f8 BEService ( UnsignedFile.Multi.Generic ) - skipped by user
14:53:26.0465 0x10f8 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:53:26.0465 0x10f8 chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
14:53:26.0465 0x10f8 chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:54:46.0342 0x2268 Deinitialize success
|
|
30.05.2016, 14:40
| #5 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Servus, Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
30.05.2016, 15:21
| #6 |
| | Spacekace Ordner im Laufwerk C: entdeckt Zu Schritt 1 Habe die checkbox beim ersten Mal ausversehen abgewählt, deswegen 2 logs. Code:
ATTFilter # AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 16:05:36
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (X64)
# Benutzername : Lennart - LENNART-PC
# Gestartet von : C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[x] Dienst Nicht gelöscht : vToolbarUpdater3.5.0
***** [ Ordner ] *****
[-] Ordner gelöscht : C:\ProgramData\AVG Secure Search
[-] Ordner gelöscht : C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht : C:\ProgramData\WindowsMangerProtect
[-] Ordner gelöscht : C:\ProgramData\avg web tuneup
[-] Ordner gelöscht : C:\ProgramData\13773405251871534736
[-] Ordner gelöscht : C:\ProgramData\{c3da3271-ec2c-8953-c3da-a3271ec2c9c7}
[-] Ordner gelöscht : C:\Program Files (x86)\avg web tuneup
[-] Ordner gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\AVG SafeGuard toolbar
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\FileViewPro
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Local\avg web tuneup
[-] Ordner gelöscht : C:\Users\Lennart\AppData\LocalLow\avg web tuneup
[-] Ordner gelöscht : C:\Users\Lennart\AppData\Roaming\sweet-page
***** [ Dateien ] *****
[-] Datei gelöscht : C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel gelöscht : HKCU\Software\InstallCore
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Schlüssel gelöscht : HKLM\SOFTWARE\sweet-pageSoftware
[-] Schlüssel gelöscht : HKLM\SOFTWARE\torch
[-] Schlüssel gelöscht : HKLM\SOFTWARE\AVG Tuneup
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\OCS
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Daten wiederhergestellt : HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.uninstallmaster.com
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm
***** [ Internetbrowser ] *****
[-] [C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : mysearch.avg.com
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7123 Bytes] - [30/05/2016 16:05:36]
C:\AdwCleaner\AdwCleaner[R0].txt - [11953 Bytes] - [09/05/2014 23:53:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [9193 Bytes] - [09/05/2014 23:54:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [8819 Bytes] - [30/05/2016 16:04:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7416 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 16:13:38
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (X64)
# Benutzername : Lennart - LENNART-PC
# Gestartet von : C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst gelöscht : vToolbarUpdater3.5.0
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7511 Bytes] - [30/05/2016 16:05:36]
C:\AdwCleaner\AdwCleaner[C2].txt - [1041 Bytes] - [30/05/2016 16:13:38]
C:\AdwCleaner\AdwCleaner[R0].txt - [11953 Bytes] - [09/05/2014 23:53:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [9193 Bytes] - [09/05/2014 23:54:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [8819 Bytes] - [30/05/2016 16:04:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [1184 Bytes] - [30/05/2016 16:10:26]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1407 Bytes] ##########
|
|
30.05.2016, 15:25
| #7 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Servus, gut gemacht.  Dann weiter mit den anderen Schritten. |
|
30.05.2016, 16:01
| #8 |
| | Spacekace Ordner im Laufwerk C: entdeckt mbam Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.05.2016 Suchlaufzeit: 16:24 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.05.30.05 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Lennart Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 339736 Abgelaufene Zeit: 17 Min., 14 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 19 PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, In Quarantäne, [b55895475445ce687b2dfc43e02442be], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, In Quarantäne, [b55895475445ce687b2dfc43e02442be], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 1 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c8452eaeb8e1b77fad7d1245bf452dd3] Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.OpenCandy, C:\Users\Lennart\AppData\Local\Temp\HYDBA10.tmp.1447707832\HTA\3rdparty\OCComSDK.dll, In Quarantäne, [b55895475445ce687b2dfc43e02442be], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Enterprise x64
Ran by Lennart (Administrator) on 30.05.2016 at 16:51:14,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 19
Successfully deleted: C:\Users\Lennart\AppData\Local\ggempire (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Google Update (Task)
Successfully deleted: C:\Program Files (x86)\GUT1F15.tmp (File)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30XF9ZYQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QQ5WTN1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYWM6030 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lennart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8OS6M42 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30XF9ZYQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QQ5WTN1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYWM6030 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8OS6M42 (Temporary Internet Files Folder)
Deleted the following from C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.05.2016 at 16:55:39,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02 durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 16:58:50) Gestartet von C:\Users\Lennart\Desktop Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool) Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVM GmbH) F:\Programme\Fritz\PowerlineService.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (VMware, Inc.) F:\Programme\VMware\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe (LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation) HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project) HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.) HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27] ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( ) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS) FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22] FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22] FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11] StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe Chrome: ======= CHR Session Restore: Profile 1 -> ist aktiviert. CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22] CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22] CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22] CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22] CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22] CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14] CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-30] CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09] CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14] CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19] CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24] CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09] CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17] CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14] CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10] CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04] CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18] CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.) R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert] R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.) S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation) R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation) S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert] R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH) R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.) S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-30] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation ) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-30 16:55 - 2016-05-30 16:55 - 00003718 _____ C:\Users\Lennart\Desktop\JRT.txt 2016-05-30 16:50 - 2016-05-30 16:50 - 01610816 _____ (Malwarebytes) C:\Users\Lennart\Desktop\JRT.exe 2016-05-30 16:50 - 2016-05-30 16:50 - 00004313 _____ C:\Users\Lennart\Desktop\mbamlog.txt 2016-05-30 16:23 - 2016-05-30 16:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-30 16:22 - 2016-05-30 16:22 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-30 16:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-30 16:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-30 16:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-05-30 16:21 - 2016-05-30 16:21 - 22851472 _____ (Malwarebytes ) C:\Users\Lennart\Desktop\mbam-setup-2.2.1.1043.exe 2016-05-30 15:59 - 2016-05-30 15:59 - 03678272 _____ C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe 2016-05-30 14:49 - 2016-05-30 14:54 - 00235108 _____ C:\TDSSKiller.3.1.0.9_30.05.2016_14.49.28_log.txt 2016-05-30 14:49 - 2016-05-30 14:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Lennart\Desktop\tdsskiller.exe 2016-05-30 14:46 - 2016-05-30 14:48 - 00050441 _____ C:\Users\Lennart\Desktop\Addition.txt 2016-05-30 14:44 - 2016-05-30 16:59 - 00023411 _____ C:\Users\Lennart\Desktop\FRST.txt 2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe 2016-05-29 15:55 - 2016-05-30 16:58 - 00000000 ____D C:\FRST 2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater 2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog 2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss 2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml 2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls 2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn 2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn 2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle 2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle 2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys 2016-05-14 20:13 - 2016-05-30 16:46 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi 2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA 2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-30 16:50 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat 2016-05-30 16:50 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat 2016-05-30 16:50 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-30 16:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-05-30 16:46 - 2015-09-04 20:56 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-05-30 16:46 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles 2016-05-30 16:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv 2016-05-30 16:44 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-30 16:44 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware 2016-05-30 16:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-30 16:43 - 2010-11-21 08:28 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-30 16:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job 2016-05-30 16:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-30 16:13 - 2014-05-09 23:53 - 00000000 ____D C:\AdwCleaner 2016-05-30 16:00 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc 2016-05-30 15:27 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData 2016-05-30 15:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis 2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job 2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java 2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage 2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle 2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG 2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG 2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks 2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations 2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA 2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core 2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav 2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini 2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg 2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml 2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C} 2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Lennart\AppData\Local\Temp\GURE23.exe C:\Users\Lennart\AppData\Local\Temp\libeay32.dll C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE C:\Users\Lennart\AppData\Local\Temp\msvcr120.dll C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe C:\Users\Lennart\AppData\Local\Temp\sqlite3.dll C:\Users\Lennart\AppData\Local\Temp\uninstall.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-28 12:13 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Lennart (2016-05-30 16:59:21)
Gestartet von C:\Users\Lennart\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2014-05-03 13:55:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3922255045-3176004807-2504715946-500 - Administrator - Disabled)
Gast (S-1-5-21-3922255045-3176004807-2504715946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922255045-3176004807-2504715946-1003 - Limited - Enabled)
Lennart (S-1-5-21-3922255045-3176004807-2504715946-1000 - Administrator - Enabled) => C:\Users\Lennart
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG Internet Security 2014 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4855 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gauntlet™ (HKLM-x32\...\Steam App 258970) (Version: - Arrowhead Game Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Golf With Friends (HKLM-x32\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.111.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
phonostar-Player Version 3.03.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.2.3.24 - Steppschuh)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SOLIDWORKS 2015 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20150-40500-1100-100) (Version: 23.5.0.81 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP05 (Version: 23.150.81 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.150.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP05 x64 Edition (Version: 23.50.81 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP05 (Version: 15.5.0009 - Dassault Systèmes SolidWorks Corp) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3922255045-3176004807-2504715946-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2064EADA-C08A-4070-9FEE-9E1726C2812E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-19] (Overwolf LTD)
Task: {2919E08B-DD8E-43C5-9AC5-834FF603585D} - System32\Tasks\{EA827FF7-917C-487A-A77D-4DEB9B3232FF} => pcalua.exe -a "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013\Setup.exe" -d "D:\Win8 x86x64\WLAN\AZ_RTL8188CE_8188EE_8723AE_Win8_2007.11.0322.2013"
Task: {4BE52BCE-C1E2-4F99-ABB9-7F4B7D136FC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {4CA12898-83C9-4099-A3F9-FA03D633F24C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {61FC2C01-2DFA-42DB-BF41-6319846A2E88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {6688AE84-AE1A-4CE8-A0E4-6EBB01904CBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {831BC1F2-4E03-43D8-8070-161BDC8DCC0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B77F6F1-214C-4725-913D-6095B3766DE7} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {8D57DD65-D390-4FD7-9671-9F7F25CC4BF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {969F969F-93D2-4F92-9AB1-C27ECDDDF971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.)
Task: {DBC97D98-E833-4717-A559-6DC784179D3A} - System32\Tasks\{6BC42E92-18FA-4D75-9D37-65F2C559C28A} => pcalua.exe -a F:\Programme\ShutDownPro\Uninstaller.exe
Task: {F1CAB074-1A14-40F9-A55D-E814A6E842A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job => C:\Users\Lennart\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-03 16:58 - 2016-01-23 05:42 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-03 17:33 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-12-06 21:19 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-01-29 22:26 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 15:38 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () F:\Programme\VMware\libxml2.dll
2014-05-03 16:58 - 2016-01-23 05:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lennart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PDFPrint => F:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: phonostar-PlayerTimer => "F:\Programme\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lennart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BE866FCA-3264-4768-80BA-CCB5BAFAA33C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6D31F6BC-91EB-4FAE-8091-490E5D286560}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51D766F7-4258-49B1-A537-836D93A94375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{43C965FD-5037-4723-9BA1-4DE396F3652D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E89508D7-489B-4B76-BA0B-1D7D5D7072E0}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{220FA349-F47F-4A27-90F5-9C5DC49446E3}] => (Allow) C:\Users\Lennart\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B58C9990-3893-4E86-ABD4-BEBDCD524257}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{FBF12A09-BFC5-4DA4-86FF-37154A84F617}] => (Allow) F:\Programme\Steam\Steam.exe
FirewallRules: [{292DF4B5-0A80-44A0-BA88-8DFBE94F0A3A}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{447EA357-10E5-4A33-AE54-6A2731713A42}] => (Allow) F:\Spiele\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{53264FC7-C236-4A7A-83E1-ADD2B2C92C40}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{FE15D376-14D3-4D6C-979D-778A952AE62C}] => (Allow) F:\Programme\Neuer Ordner\TeamViewer_Service.exe
FirewallRules: [{77EE8E53-28B7-4D7B-935B-E8D440B48E19}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{6B745F5E-970B-489D-8E78-76D892EC686D}] => (Allow) F:\Spiele\Battlenet\Hearthstone\Hearthstone.exe
FirewallRules: [{DD378677-BBB7-464B-8CB1-B378F479D44D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{5B8B276D-574C-4CFE-8C79-BFAEB2858C74}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{522A670C-D0D1-482B-8E43-2F274F1D5139}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1E47496D-375C-45E9-BE3C-D4D6D318225B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8A27C84F-7D39-4EA6-A37E-0A1CB2C0B598}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9DEE6FCF-27B3-4568-B2C3-895871FBD05F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3B03FC34-3754-4525-9DFB-64B03137F596}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{05032047-41C3-450F-8E93-56500D896F54}] => (Allow) F:\Spiele\Battlenet\Diablo III\Diablo III.exe
FirewallRules: [{8B0AE89D-F5B7-4339-8868-C195BB9A41D4}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{FE0E74A6-4909-45D5-ABD1-162B7D97747E}] => (Allow) F:\Programme\VMware\vmware-authd.exe
FirewallRules: [{3F4FD639-8E6E-43E7-81FD-6FDB60D1C579}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF9A9114-21B4-485C-924C-7B9A873438CF}] => (Allow) F:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0243140-06B6-41B2-8F85-9BA51555301A}] => (Allow) F:\Programme\NetWorx\networx.exe
FirewallRules: [{F249D332-8F91-4DD6-B8F4-BE7C9FB53430}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{375C05C4-DEC8-4E69-82CA-18F74701E42B}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{F55C9D99-21B5-4F25-A486-2E860A9A34A0}] => (Allow) F:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{16BF7C43-C377-431C-A584-17C796DA1B9D}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{4CC052B1-257F-44CD-A8B2-AF41E018A094}F:\programme\openvpn\bin\openvpn.exe] => (Block) F:\programme\openvpn\bin\openvpn.exe
FirewallRules: [{292FC713-FE36-47E9-9AF0-BC09346BBF4B}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3738FA5A-D8F7-4160-B806-4C6737E75BF6}] => (Allow) F:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{97293B85-8829-4372-BF08-E8A2CA4CFF23}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FBD56B8-F800-4F81-9AB1-E5AAD7463924}C:\users\lennart\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lennart\appdata\roaming\spotify\spotify.exe
FirewallRules: [{14D48032-C819-4BD4-9FC4-55508C4729BD}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DAC95C11-94A3-4BF7-9621-2045ED0A0BA1}] => (Allow) F:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CE75AA42-FBC5-48A6-A6A7-E58593809BAA}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D576B331-7430-4C25-8293-8A028D7EA9FB}] => (Allow) F:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{69C72D52-4596-43C0-914A-69F932D1BA78}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [{9D053025-1FC6-4978-894F-F4886E6E3C7F}] => (Allow) F:\Programme\Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{740FD91E-E0C1-4962-86B1-3B450BD8AA10}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{30E43AD6-460D-4DE0-A67D-BE8F6130E5B3}] => (Allow) F:\Programme\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{648E1615-5AA0-43E9-B092-55901DE6BE20}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{1DB2FDA1-79DF-4650-BF2E-BD6B83F01037}] => (Allow) F:\Programme\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{20AF9B64-72C9-4086-A5E1-A58DAFFC624B}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67EE309E-5F22-49A2-B7CF-86FF60A198F8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0487729D-A09C-41B4-98A3-4558442DA4CF}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C24443D5-0A91-4748-B049-1AFEBB2A7D65}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{195880AC-A350-4753-8155-2D812B0F1824}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7957764A-1E59-46C9-A496-65D8FCF66CD8}] => (Allow) C:\Users\Lennart\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{803158E8-335C-4A69-9A27-8294F7F2B6E5}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{E0158F8C-FA21-4D24-B650-9A9E5A675AE2}] => (Allow) F:\Programme\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{77F4958B-D02A-4F09-9378-4AF44681679F}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{167060BC-F4A4-4C1A-8568-62029A4D76B0}] => (Allow) F:\Programme\Steam\SteamApps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{EF3DC89C-9873-460F-882C-5F916DFDF58C}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2C9D3F98-F993-4B4E-B137-3F974F60087A}] => (Allow) F:\Spiele\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{65131887-B913-41ED-9695-EE625C78BF79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEB10DE0-E762-44FA-AC13-3860BD2DC8F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8396CD80-F3E7-4826-BC98-467AE4983B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{533E5471-D6CF-4220-92C0-641F656CE424}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDEBAB15-ED70-4194-9D90-BE68A7BDA363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952E0868-E38B-4666-AE58-61BF531A034C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C78BE5FC-9F67-4939-B0CE-71E2A9269C01}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9C2050FD-E221-4927-AFE2-CC6BF892FD49}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A31C180E-1182-4DDC-AF8F-5CBCED7790D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A0EFA816-32C4-420C-B285-8279D4CD670C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{38443952-5701-4E74-9B96-ECB636D70925}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3EE2E637-4C43-4845-BC08-E54932BE0FA3}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{B2CBD638-11AB-4559-8A7D-A0014C0EC21A}] => (Allow) F:\Programme\Steam\SteamApps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{327F2BFA-752F-4045-9CDD-8D694528C042}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{001F8689-2BDB-4306-B9F0-6E76C10A1088}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{CBCEAAB9-D1F1-413B-BE44-5E74D48E3C77}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{6478E1D2-0FE6-46A4-B699-B0E9C5BB0E63}] => (Allow) F:\Programme\Ubisoft Game Launcher\games\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{9CDA1976-6891-404D-BB5E-632425CA09D5}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4D5EF3A3-481F-4B6C-8CC2-DF317D8D095E}] => (Allow) F:\Programme\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3970E144-323D-4119-BE2E-271A4BD95AF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BC1D3AAD-75E6-4101-8415-9BF5C8FD0DBC}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{ACEE974D-F96E-4E74-95FA-A7DFFC634CD4}] => (Allow) F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D64AF5A7-426C-46E8-B089-0BB43B7A4885}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
12-05-2016 19:33:25 Windows Update
14-05-2016 20:12:21 Installed LogMeIn Hamachi
14-05-2016 20:34:17 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
22-05-2016 20:25:03 Geplanter Prüfpunkt
29-05-2016 21:12:04 Geplanter Prüfpunkt
30-05-2016 16:51:22 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/30/2016 04:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/30/2016 04:44:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2016 04:44:06 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/30/2016 04:29:03 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/30/2016 04:19:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2016 04:17:56 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/30/2016 04:08:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2016 04:07:21 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (05/30/2016 03:16:10 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Error: (05/30/2016 02:51:05 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
Systemfehler:
=============
Error: (05/30/2016 04:54:57 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (05/30/2016 04:51:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/30/2016 04:49:38 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 04:48:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/30/2016 04:48:20 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 04:47:38 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 04:46:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2016 04:45:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/30/2016 04:44:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/30/2016 04:44:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8113.17 MB
Verfügbarer physikalischer RAM: 4791.8 MB
Summe virtueller Speicher: 16224.52 MB
Verfügbarer virtueller Speicher: 12408.94 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:230 GB) (Free:152.98 GB) NTFS
Drive f: (Volume) (Fixed) (Total:233.9 GB) (Free:45.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96DBFA8A)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
31.05.2016, 20:09
| #9 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Servus, Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
|
|
01.06.2016, 19:06
| #10 |
| | Spacekace Ordner im Laufwerk C: entdecktCode:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 19:57 on 01/06/2016 by Lennart
Administrator - Elevation successful
========== regfind ==========
Searching for "OpenCandy"
No data found.
Searching for "AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]
"AppPath"="C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.5.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"FFNativeApi"="C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\3.5.0\\NativeBrowserApi.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\DSP]
"DISPLAY_NAME"="AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\HOSTS]
"3"="AVG Secure Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]
"AppPath"="C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\3.5.0"
Searching for "AVG Security Toolbar"
No data found.
Searching for "WindowsMangerProtect"
No data found.
Searching for "avg web tuneup"
[HKEY_CURRENT_USER\Software\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"ToolbarPath"="C:\Program Files (x86)\AVG Web TuneUp\3.5.0.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"Uninstall"="C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp]
"TBAPIPath"="C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\CONFIGXML]
"Installation/DSP/DisplayName"="AVG Web TuneUp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp\Initialize\General]
"PARTNER_NAME"="AVG Web TuneUp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"UninstallString"="C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"DisplayIcon"="C:\Program Files (x86)\AVG Web TuneUp\favicon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]
"DisplayName"="AVG Web TuneUp"
[HKEY_USERS\.DEFAULT\Software\AVG Web TuneUp]
[HKEY_USERS\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\AVG Web TuneUp]
[HKEY_USERS\S-1-5-18\Software\AVG Web TuneUp]
Searching for "AVG SafeGuard toolbar"
[HKEY_USERS\.DEFAULT\Software\AVG SafeGuard toolbar]
[HKEY_USERS\S-1-5-18\Software\AVG SafeGuard toolbar]
Searching for "sweet-page"
[HKEY_CURRENT_USER\Software\AVG Web TuneUp\IE]
"Revert_HP"="hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960"
[HKEY_USERS\S-1-5-21-3922255045-3176004807-2504715946-1000\Software\AVG Web TuneUp\IE]
"Revert_HP"="hxxp://www.sweet-page.com/?type=hp&ts=1405789090&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41AA3U6960U6960"
Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Canon\WIA\Devices\MG6400 series]
"ProductId"="MG6400 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{03A0E6DA-8AC2-4F24-9346-45736C55FC8D}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{78D8CC82-372F-44e4-B70C-8944DB7BCC24}">
<Descriptor descriptorID="{ABE23B46-7F9F-495b-B4A9-87F41743727F}"/>
<Descriptor descriptorID="{4BDB9E0D-53CF-4a28-865F-B315818E7627}"/>
</Rating>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{E2681CD6-318A-4935-8275-AF657045C333}">
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{5B39D1B8-ED49-4055-8A47-04B29A579AD6}" ratingID="{60665875-9C7B-4104-8124-C2094BA9A48B}">
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{67463BDA-4620-455B-AEE5-17986581DB0C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
<Descriptor descriptorID="{1A796A5D-1E25-4862-9443-1550578FF4C4}"/>
<Descriptor descriptorID="{F8635B3A-C121-480a-9090-31DAA90490D0}"/>
<Descriptor descriptorID="{E04AAEE8-950C-43c4-B75C-D87736A7FAFD}"/>
</Rating>
<Rating ratingSystemID="{1943DF5C-C7D6-44CA-90F1-41181F5CCA0A}" ratingID="{D56B59B2-673E-4039-9155-93BA25030FE5}"/>
<Rating ratingSystemID="{03CF34A3-D6AA-49CF-8C6C-547ECC507CCF}" ratingID="{D15D23D5-3055-49D2-AD15-4EAFB31FD6E8}"/>
<Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{36A7E8F4-F659-4B10-9256-A97F2EDCE2F2}"/>
<Rating ratingSystemID="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Resource> </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#0774031B5263461A&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER&REV_8.02#431843057ED19C94&0#]
"DeviceDesc"="Cruzer "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_WALKMAN&REV_1.00#10433F11099566&0#]
"DeviceDesc"="WALKMAN "
-= EOF =-
|
|
02.06.2016, 13:51
| #11 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles.  Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14]
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVG Web TuneUp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
DeleteKey: HKEY_CURRENT_USER\Software\AVG Web TuneUp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp
DeleteKey: HKEY_USERS\.DEFAULT\Software\AVG Web TuneUp
DeleteKey: HKEY_USERS\.DEFAULT\Software\AVG SafeGuard toolbar
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 4
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
02.06.2016, 14:33
| #12 |
| | Spacekace Ordner im Laufwerk C: entdeckt Hallo Matthias, ich wollte dir nur kurz bescheid geben, dass ich nicht weiß, ob ich es in den nächsten 24h schaffe die Schritte durchzuführen und zu antworten. Ich werde es morgen machen, sobald es mir möglich ist. |
|
02.06.2016, 18:06
| #13 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Ok, danke für die Info. |
|
04.06.2016, 19:44
| #14 |
| | Spacekace Ordner im Laufwerk C: entdeckt Entschuldige bitte, dass ich erst jetzt antworte, ich habe es nicht früher geschafft. Den ersten Schritt habe ich schon erledigt. Der zweite läuft seit fast 2h und ist bei 42% aber ich wollte mich schon mal melden, nicht dass du denkst von mir kommt nichts mehr. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02 durchgeführt von Lennart (Administrator) auf LENNART-PC (30-05-2016 16:58:50) Gestartet von C:\Users\Lennart\Desktop Geladene Profile: Lennart (Verfügbare Profile: Lennart & DefaultAppPool) Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVM GmbH) F:\Programme\Fritz\PowerlineService.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (TeamViewer GmbH) F:\Programme\Neuer Ordner\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (VMware, Inc.) F:\Programme\VMware\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (LogMeIn Inc.) F:\Programme\Hamachi\hamachi-2.exe (LogMeIn, Inc.) F:\Programme\Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation) HKLM\...\Run: [NetWorx] => F:\Programme\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212584 2016-02-05] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [appnhost] => C:\Users\Lennart\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project) HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\Run: [GoogleChromeAutoLaunch_88C69AD90AECC9317436C0E3E7328581] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-05-11] (Google Inc.) HKU\S-1-5-21-3922255045-3176004807-2504715946-1000\...\MountPoints2: {1be94695-f39b-11e3-9d4c-448a5b404961} - E:\Setup.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-01-23] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-01-23] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2016-04-27] ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{25DDDE53-0D5A-434E-81DC-F7399DF727D5}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6CE4710C-C961-4160-BA19-D64995371EDF}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-27] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @phonostar.de/phonostar-Player -> F:\Programme\phonostar-Player\npphonostarDetectNP.dll [2015-02-26] ( ) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lennart\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-3922255045-3176004807-2504715946-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lennart\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-21] (Unity Technologies ApS) FF Extension: QuickJava - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-22] FF Extension: JavaScript on-off applet - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-05-22] FF Extension: Adblock Plus - C:\Users\Lennart\AppData\Roaming\Mozilla\Firefox\Profiles\1cqf47fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-11] StartMenuInternet: FIREFOX.EXE - F:\Programme\Firefox\firefox.exe Chrome: ======= CHR Session Restore: Profile 1 -> ist aktiviert. CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22] CHR Extension: (GeoGebra) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-22] CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-22] CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-22] CHR Extension: (AdBlock) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22] CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Profile: C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Präsentationen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14] CHR Extension: (Magic Actions for YouTube™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-30] CHR Extension: (BetterTTV) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-10-09] CHR Extension: (Google Docs) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14] CHR Extension: (Google Drive) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Honey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-05-19] CHR Extension: (Google Cast) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24] CHR Extension: (Adblock Plus) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09] CHR Extension: (Google-Suche) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-17] CHR Extension: (Google Tabellen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14] CHR Extension: (Chrome Remote Desktop) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-10] CHR Extension: (Google Docs Offline) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (ReChat for Twitch™) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2016-03-04] CHR Extension: (Todoist: To-Do Liste und Aufgabenverwaltung) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-18] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-18] CHR Extension: (AVG Secure Search) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-14] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Google Mail) - C:\Users\Lennart\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2016-02-05] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3260328 2016-02-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2016-02-05] (AVG Technologies CZ, s.r.o.) R2 AVMPowerlineService; F:\Programme\Fritz\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-18] () [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert] R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.) S3 CoordinatorServiceHost; F:\Uni\Solidworks\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81400 2015-11-11] (Dassault Systèmes SolidWorks Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation) R2 Hamachi2Svc; F:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation) S3 OpenVPNService; F:\Programme\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-19] (Overwolf LTD) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-04-27] (SolidWorks) [Datei ist nicht signiert] R2 TeamViewer9; F:\Programme\Neuer Ordner\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH) R2 VMAuthdService; F:\Programme\VMware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-14] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.) S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-30] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation ) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-30 16:55 - 2016-05-30 16:55 - 00003718 _____ C:\Users\Lennart\Desktop\JRT.txt 2016-05-30 16:50 - 2016-05-30 16:50 - 01610816 _____ (Malwarebytes) C:\Users\Lennart\Desktop\JRT.exe 2016-05-30 16:50 - 2016-05-30 16:50 - 00004313 _____ C:\Users\Lennart\Desktop\mbamlog.txt 2016-05-30 16:23 - 2016-05-30 16:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-30 16:22 - 2016-05-30 16:22 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-30 16:22 - 2016-05-30 16:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-30 16:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-30 16:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-30 16:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-05-30 16:21 - 2016-05-30 16:21 - 22851472 _____ (Malwarebytes ) C:\Users\Lennart\Desktop\mbam-setup-2.2.1.1043.exe 2016-05-30 15:59 - 2016-05-30 15:59 - 03678272 _____ C:\Users\Lennart\Desktop\AdwCleaner_5.118.exe 2016-05-30 14:49 - 2016-05-30 14:54 - 00235108 _____ C:\TDSSKiller.3.1.0.9_30.05.2016_14.49.28_log.txt 2016-05-30 14:49 - 2016-05-30 14:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Lennart\Desktop\tdsskiller.exe 2016-05-30 14:46 - 2016-05-30 14:48 - 00050441 _____ C:\Users\Lennart\Desktop\Addition.txt 2016-05-30 14:44 - 2016-05-30 16:59 - 00023411 _____ C:\Users\Lennart\Desktop\FRST.txt 2016-05-30 14:43 - 2016-05-29 15:53 - 02383872 _____ (Farbar) C:\Users\Lennart\Desktop\FRST64.exe 2016-05-29 15:55 - 2016-05-30 16:58 - 00000000 ____D C:\FRST 2016-05-22 17:22 - 2016-05-22 17:22 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater 2016-05-22 17:11 - 2016-05-22 17:26 - 00000000 ____D C:\Users\Lennart\AppData\Local\AvgSetupLog 2016-05-22 14:18 - 2016-05-22 14:18 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\dvdcss 2016-05-21 13:22 - 2016-05-29 17:46 - 00000000 _____ C:\Users\Lennart\AppData\Local\Temptable.xml 2016-05-17 16:40 - 2016-05-17 22:02 - 00032768 _____ C:\Users\Lennart\Desktop\MeA Testat 1b.xls 2016-05-14 21:28 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn 2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\ProgramData\LogMeIn 2016-05-14 20:32 - 2016-05-14 21:22 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\Tunngle 2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Lennart\Documents\Tunngle 2016-05-14 20:32 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys 2016-05-14 20:13 - 2016-05-30 16:46 - 00000000 ____D C:\Users\Lennart\AppData\Local\LogMeIn Hamachi 2016-05-14 20:13 - 2016-05-14 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-05-14 20:11 - 2016-05-14 20:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2016-05-13 15:24 - 2016-05-13 15:28 - 00000000 ____D C:\Users\Lennart\Documents\OpenRA 2016-05-11 13:59 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-11 13:59 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-11 13:59 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-11 13:59 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-05-11 13:59 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-05-11 13:59 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-05-11 13:59 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-05-11 13:59 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-05-11 13:59 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-05-11 13:59 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-05-11 13:59 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-05-11 13:59 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-05-11 13:59 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-05-11 13:59 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-11 13:59 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-05-11 13:59 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-05-11 13:59 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-05-11 13:59 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-05-11 13:59 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-05-11 13:59 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-05-11 13:59 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-05-11 13:59 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-05-11 13:59 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-05-11 13:59 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-11 13:59 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-05-11 13:59 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-05-11 13:59 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-11 13:59 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-05-11 13:59 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-05-11 13:59 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-05-11 13:59 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-11 13:59 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-11 13:59 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-11 13:59 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-05-11 13:59 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-05-11 13:59 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-11 13:59 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-05-11 13:59 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-05-11 13:59 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-11 13:59 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-05-11 13:59 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-05-11 13:59 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-05-11 13:59 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-05-11 13:59 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-05-11 13:59 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-05-11 13:59 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-11 13:59 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-05-11 13:59 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-11 13:59 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-11 13:59 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-11 13:59 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-11 13:59 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-05-11 13:59 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-11 13:59 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-11 13:59 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-11 13:59 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-11 13:59 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-11 13:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-11 13:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-11 13:59 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 13:59 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-05-11 13:59 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-05-11 13:59 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 13:59 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-05-11 13:59 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 13:59 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-05-11 13:59 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 13:59 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-05-11 13:59 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-05-11 13:59 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-05-11 13:58 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-05-11 13:58 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-11 13:58 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-05-11 13:58 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-05-11 13:58 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-05-11 13:58 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-05-11 13:58 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-05-11 13:58 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-05-11 13:58 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-05-11 13:58 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-05-11 13:58 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-05-11 13:58 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-05-11 13:58 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-05-11 13:58 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-05-11 13:58 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-11 13:58 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-11 13:58 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-11 13:58 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-05-11 13:58 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-05-11 13:58 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-05-11 13:58 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-05-11 13:58 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-05-11 13:58 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-11 13:58 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 13:58 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-06 16:29 - 2016-05-06 16:29 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-30 16:50 - 2010-11-21 08:22 - 00778516 _____ C:\Windows\system32\perfh007.dat 2016-05-30 16:50 - 2010-11-21 08:22 - 00177978 _____ C:\Windows\system32\perfc007.dat 2016-05-30 16:50 - 2009-07-14 07:13 - 01820656 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-30 16:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-05-30 16:46 - 2015-09-04 20:56 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-05-30 16:46 - 2015-07-05 21:53 - 00000000 __SHD C:\Users\Lennart\IntelGraphicsProfiles 2016-05-30 16:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv 2016-05-30 16:44 - 2015-04-02 02:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-30 16:44 - 2014-08-09 21:01 - 00000000 ____D C:\ProgramData\VMware 2016-05-30 16:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-30 16:43 - 2010-11-21 08:28 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-30 16:43 - 2009-07-14 06:45 - 00021744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-30 16:37 - 2015-12-10 22:19 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA.job 2016-05-30 16:36 - 2015-04-02 02:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-30 16:13 - 2014-05-09 23:53 - 00000000 ____D C:\AdwCleaner 2016-05-30 16:00 - 2014-08-01 12:41 - 00000000 ____D C:\Users\Lennart\AppData\Roaming\vlc 2016-05-30 15:27 - 2014-05-03 17:22 - 00000000 ____D C:\ProgramData\MFAData 2016-05-30 15:16 - 2015-02-28 20:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-29 18:40 - 2016-04-24 14:22 - 00000000 ____D C:\Users\Lennart\AppData\Local\TempSWSicherungsverzeichnis 2016-05-28 13:37 - 2015-12-10 22:19 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core.job 2016-05-27 12:21 - 2016-02-10 14:50 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-05-27 12:21 - 2016-02-10 14:49 - 00000000 ____D C:\Program Files (x86)\Java 2016-05-27 12:21 - 2015-12-20 15:57 - 00000000 ____D C:\Users\Lennart\.oracle_jre_usage 2016-05-27 12:21 - 2014-07-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-27 12:21 - 2014-05-03 17:44 - 00000000 ____D C:\ProgramData\Oracle 2016-05-26 12:30 - 2015-10-06 18:30 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-05-22 17:26 - 2014-07-22 14:11 - 00000000 ____D C:\ProgramData\AVG 2016-05-22 17:15 - 2014-07-22 14:12 - 00000000 ____D C:\Users\Lennart\AppData\Local\AVG 2016-05-19 22:13 - 2015-12-19 01:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-18 08:21 - 2016-04-23 12:56 - 00000000 ____D C:\Users\Lennart\AppData\Local\SolidWorks 2016-05-17 11:58 - 2014-05-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-05-15 21:10 - 2015-11-03 19:53 - 00076488 _____ C:\Users\Lennart\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-14 21:33 - 2015-11-04 15:04 - 00309600 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-14 20:11 - 2014-10-20 17:15 - 00000000 ____D C:\Users\Lennart\AppData\Local\Downloaded Installations 2016-05-13 15:38 - 2015-04-02 02:29 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-13 15:38 - 2015-04-02 02:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-13 15:16 - 2015-02-28 20:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-13 15:16 - 2015-02-28 20:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-13 15:16 - 2015-02-28 20:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-05-12 18:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-05-11 23:09 - 2010-11-21 08:28 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 15:17 - 2014-05-06 13:52 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 15:03 - 2011-05-25 16:59 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-11 13:32 - 2015-12-10 22:19 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000UA 2016-05-11 13:32 - 2015-12-10 22:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3922255045-3176004807-2504715946-1000Core 2016-05-11 13:31 - 2015-04-02 02:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 13:31 - 2015-04-02 02:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-10 23:48 - 2014-12-11 10:09 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-10 23:46 - 2015-12-06 21:00 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-05-10 15:32 - 2014-12-25 13:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-14 17:34 - 2014-05-14 17:35 - 0000000 _____ () C:\Users\Lennart\AppData\Roaming\27.wav 2014-05-12 16:40 - 2014-05-12 16:51 - 0000198 _____ () C:\Users\Lennart\AppData\Roaming\SpotifyRecorderSettings.ini 2014-05-03 22:07 - 2015-08-22 20:49 - 0007597 _____ () C:\Users\Lennart\AppData\Local\Resmon.ResmonCfg 2016-05-21 13:22 - 2016-05-29 17:46 - 0000000 _____ () C:\Users\Lennart\AppData\Local\Temptable.xml 2014-05-27 15:25 - 2014-05-27 15:25 - 0000000 _____ () C:\Users\Lennart\AppData\Local\{04DBC2F6-A796-49AF-8289-15D0A805295C} 2014-07-14 14:05 - 2014-07-14 14:05 - 0000088 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Lennart\AppData\Local\Temp\GURE23.exe C:\Users\Lennart\AppData\Local\Temp\libeay32.dll C:\Users\Lennart\AppData\Local\Temp\MSETUP4.EXE C:\Users\Lennart\AppData\Local\Temp\msvcr120.dll C:\Users\Lennart\AppData\Local\Temp\SkypeSetup.exe C:\Users\Lennart\AppData\Local\Temp\sqlite3.dll C:\Users\Lennart\AppData\Local\Temp\uninstall.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-28 12:13 ==================== Ende von FRST.txt ============================ |
|
04.06.2016, 20:29
| #15 |
| /// TB-Ausbilder | Spacekace Ordner im Laufwerk C: entdeckt Servus, Schritt 1 ist ein FRST-Fix, du hast da wohl etwas verwechselt. Nochmal genau lesen und richtig ausführen. |
|
| Themen zu Spacekace Ordner im Laufwerk C: entdeckt |
| .dll, administrator, avg, canon, defender, desktop, dnsapi.dll, explorer, firewall, flash player, helper, mozilla, nvidia, prozesse, realtek, registry, rundll, scan, secure search, services.exe, software, spacekace, stick, svchost.exe, system, temp, udp, uplay, visual c++ 2015, windows, winlogon.exe |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
