| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Frühjahrsputz ? !Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.07.2016, 14:55
| #1 |
 |  Frühjahrsputz ? ! Hallo Ihr Trojaner-Board-Leute, nachdem ich dank tatkräftiger Anleitung von cosinus den Rechner meiner Tochter auf einen aktuellen Stand gebracht habe, bin ich überzeugt, daß das für meinen eigenen erst Recht Sinn macht. Bei den Dingen, bei denen ich aktuell dazugelernt habe, habe ich auch Anpassungen vorgenommen, also einen anderen Virenscanner installiert oder einzelne Programme mit Update versehen. Oder daß die Windows Updates unter Win7 nicht zuverlässig funktionieren, weiß ich jetzt auch. Trotzdem wäre es nett, wenn von Euch hier mal jemand mit 'drüberschaut'. System Windows 7 mit Intel Core i5, 2,6 GHz, 4 GB RAM. Danke schon jetzt für die Hilfe. |
|
08.07.2016, 21:00
| #2 |
| /// TB-Ausbilder   | Frühjahrsputz ? ! Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
08.07.2016, 22:19
| #3 |
| | Frühjahrsputz ? !Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Mas (Administrator) auf MAS-HP (08-07-2016 23:15:21)
Gestartet von C:\Users\Mas\Desktop
Geladene Profile: Mas (Verfügbare Profile: Mas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Vodafone) C:\Config.Msi\a95eb2a5.rbf
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Dropbox, Inc.) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-06-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_91\bin\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f6733d-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f67348-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f673d0-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea2-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea4-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {450e1c20-c110-11e5-8c8e-2c44fd692798} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {6937a26d-45bd-11e3-88f5-70188b893308} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1d-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1f-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f77-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {bd336851-00a4-11e4-9f7f-2c44fd692798} - H:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9EB9DEE5-35FA-454D-AF55-7F07AF53ECF4}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2856982752-327615534-2607958787-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default
FF DefaultSearchEngine: Google Images
FF SelectedSearchEngine: Google Images
FF Homepage: hxxps://de.nachrichten.yahoo.com/
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&installDate=02/11/2013&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2856982752-327615534-2607958787-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Mas\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mas\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Extension: Download Tab - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2016-06-19]
FF Extension: Avira Browser Safety - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\abs@avira.com [2014-11-06] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-16]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon => nicht gefunden
FF HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\cliqz@cliqz.com => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Mas\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2519904 2016-04-13] (ESET)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S4 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
S4 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [Datei ist nicht signiert]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5858304 2013-10-07] (Broadcom Corporation) [Datei ist nicht signiert]
U2 VMCService; "C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-05-12] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-05-12] (ESET)
S2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2016-05-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2016-05-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53384 2016-05-12] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-05-12] (ESET)
R3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [29240 2015-10-28] (Hewlett Packard)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Spfd; C:\Windows\System32\DRIVERS\Spfd.sys [11336 2014-11-21] (Safend Ltd.)
S0 SpfdBus; C:\Windows\System32\DRIVERS\SpfdBus.sys [11336 2014-11-21] (Safend Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-08 23:15 - 2016-07-08 23:15 - 00020386 _____ C:\Users\Mas\Desktop\FRST.txt
2016-07-08 23:14 - 2016-07-08 23:15 - 00000000 ___DC C:\FRST
2016-07-08 23:14 - 2016-07-08 23:14 - 02390016 _____ (Farbar) C:\Users\Mas\Desktop\FRST64.exe
2016-07-08 16:06 - 2016-07-08 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-08 13:37 - 2016-07-08 13:37 - 00000000 ____D C:\Users\Mas\AppData\Local\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00002027 _____ C:\Users\Public\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\Program Files\ESET
2016-07-08 13:31 - 2016-07-08 13:31 - 03033760 _____ (ESET) C:\Users\Mas\Downloads\eset_smart_security_live_installer_.exe
2016-07-08 13:25 - 2016-07-08 13:28 - 90601672 _____ (ESET) C:\Users\Mas\Downloads\eav_nt32_enu.exe
2016-07-08 13:24 - 2016-07-08 13:24 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-08 13:13 - 2016-07-08 13:13 - 02870984 _____ (ESET) C:\Users\Mas\Downloads\esetsmartinstaller_deu.exe
2016-07-07 07:58 - 2016-07-07 07:58 - 00000000 ____D C:\ProgramData\firebird
2016-07-07 07:53 - 2016-07-07 07:53 - 00002086 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-07 07:53 - 2016-07-07 07:53 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\Users\Mas\AppData\Roaming\LibreOffice
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-07-07 07:47 - 2016-07-07 07:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-07-07 07:09 - 2016-07-07 07:10 - 221675520 _____ C:\Users\Mas\Downloads\LibreOffice_5.1.4_Win_x86.msi
2016-06-29 13:56 - 2016-07-07 09:15 - 00111837 _____ C:\Users\Mas\Desktop\Rabattübertragungsformular.pdf
2016-06-25 08:28 - 2016-06-25 08:28 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-09 09:57 - 2016-06-09 09:57 - 01778688 _____ C:\Users\Mas\Desktop\Betriebsvorrichtungen VRL - Arbeitskopie.xls
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-08 22:28 - 2015-06-23 09:17 - 00001216 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job
2016-07-08 19:56 - 2013-11-02 20:10 - 00000000 ____D C:\Program Files (x86)\JFileManager
2016-07-08 16:08 - 2013-12-04 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-08 16:02 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-08 16:02 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-08 15:50 - 2013-11-20 09:20 - 00000000 ____D C:\Program Files\Uninstaller
2016-07-08 15:50 - 2013-11-02 19:45 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2016-07-08 15:21 - 2014-06-06 11:48 - 00000000 ___DC C:\temp
2016-07-08 13:40 - 2014-06-06 11:48 - 00000000 ____D C:\Program Files\004
2016-07-08 13:36 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-07-08 12:19 - 2013-11-03 09:50 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Avira
2016-07-08 12:19 - 2013-11-03 09:46 - 00000000 ____D C:\ProgramData\Avira
2016-07-08 12:19 - 2013-10-25 22:58 - 00098488 _____ C:\Users\Mas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-08 12:18 - 2014-11-06 14:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-08 12:18 - 2013-11-03 09:46 - 00000000 ____D C:\Program Files (x86)\Avira
2016-07-08 07:26 - 2015-06-23 09:17 - 00001164 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job
2016-07-08 01:11 - 2016-04-01 01:19 - 00003174 _____ C:\windows\System32\Tasks\HPCeeScheduleForMas
2016-07-08 01:11 - 2016-01-28 01:57 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForMas.job
2016-07-08 00:38 - 2013-10-25 22:57 - 00003914 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{13949E6C-47E7-40B7-A8DC-8736CCF27255}
2016-07-07 15:08 - 2014-10-31 18:28 - 00000000 ____D C:\Users\Mas\AppData\Local\CutePDF Writer
2016-07-04 00:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-07-01 18:15 - 2014-11-19 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-01 18:14 - 2013-10-26 19:27 - 00000000 ____D C:\Users\Mas\AppData\Local\Thunderbird
2016-07-01 09:17 - 2013-04-13 22:35 - 00699666 _____ C:\windows\system32\perfh007.dat
2016-07-01 09:17 - 2013-04-13 22:35 - 00149774 _____ C:\windows\system32\perfc007.dat
2016-07-01 09:17 - 2009-07-14 07:13 - 01620612 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-25 08:28 - 2014-02-13 16:34 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Dropbox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-10 12:20 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\ActiveMap35.ocx
2014-04-10 12:20 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\AxRegister.exe
2014-04-10 12:20 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files\Cfx32.ocx
2014-04-10 12:20 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files\gdiplus.dll
2014-04-10 12:20 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files\GHLck32.dll
2014-04-10 12:20 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files\Ghret32.dll
2014-04-10 12:20 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\Hfdb32.exe
2014-04-10 12:20 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files\Hfdb32.exe.manifest
2014-04-10 12:20 - 2014-04-10 12:20 - 0002617 _____ () C:\Program Files\Hfdb32.ini
2014-04-10 12:20 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_eng.dll
2014-04-10 12:20 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_ger.dll
2014-04-10 12:20 - 2014-04-10 12:20 - 0001284 _____ () C:\Program Files\Hfinst.log
2014-04-10 12:20 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files\Liesmich.txt
2014-04-10 12:20 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files\LtGeometry10.dll
2014-04-10 12:20 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Ltmapx32.ocx
2014-04-10 12:20 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files\LtPictureHolder.ocx
2014-04-10 12:20 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Lttool32.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files\mfc42.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files\Msvcrt.dll
2014-04-10 12:20 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files\UiHlp32.exe
2014-04-10 12:19 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\ActiveMap35.ocx
2014-04-10 12:18 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\AxRegister.exe
2014-04-10 12:19 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files (x86)\Cfx32.ocx
2014-04-10 12:18 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files (x86)\gdiplus.dll
2014-04-10 12:18 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files (x86)\GHLck32.dll
2014-04-10 12:18 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files (x86)\Ghret32.dll
2014-04-10 12:18 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\Hfdb32.exe
2014-04-10 12:18 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files (x86)\Hfdb32.exe.manifest
2014-04-10 12:18 - 2014-04-10 12:19 - 0002677 _____ () C:\Program Files (x86)\Hfdb32.ini
2014-04-10 12:18 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_eng.dll
2014-04-10 12:18 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_ger.dll
2014-04-10 12:18 - 2014-04-10 12:19 - 0002509 _____ () C:\Program Files (x86)\Hfinst.log
2014-04-10 12:18 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files (x86)\Liesmich.txt
2014-04-10 12:18 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files (x86)\LtGeometry10.dll
2014-04-10 12:19 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Ltmapx32.ocx
2014-04-10 12:19 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files (x86)\LtPictureHolder.ocx
2014-04-10 12:18 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Lttool32.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files (x86)\mfc42.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files (x86)\Msvcrt.dll
2014-04-10 12:18 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files (x86)\UiHlp32.exe
2013-12-01 11:49 - 2015-11-24 13:47 - 0006349 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Mas\AppData\Local\Temp\avgnt.exe
C:\Users\Mas\AppData\Local\Temp\converter.exe
C:\Users\Mas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp589slj.dll
C:\Users\Mas\AppData\Local\Temp\FileSystemView.dll
C:\Users\Mas\AppData\Local\Temp\Java7.exe
C:\Users\Mas\AppData\Local\Temp\nsfE583.tmp.exe
C:\Users\Mas\AppData\Local\Temp\Setup.exe
C:\Users\Mas\AppData\Local\Temp\uninstall.exe
C:\Users\Mas\AppData\Local\Temp\vlc-2.1.5-win64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-28 16:11
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Mas (2016-07-08 23:16:03)
Gestartet von C:\Users\Mas\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-10-25 20:52:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2856982752-327615534-2607958787-500 - Administrator - Disabled)
Gast (S-1-5-21-2856982752-327615534-2607958787-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2856982752-327615534-2607958787-1003 - Limited - Enabled)
Mas (S-1-5-21-2856982752-327615534-2607958787-1001 - Administrator - Enabled) => C:\Users\Mas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ActiveTrader Deutschland (HKLM-x32\...\{0DE75F32-3E22-42F7-B6CD-5A6644581F4E}) (Version: 6.0.1 - Cortal Consors)
ActiveTrader Deutschland (HKLM-x32\...\{4B505F84-DB93-4C85-A8FE-AF8A55904F42}) (Version: 7.1.0 - Consorsbank)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.28.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.28.0 - Alcor Micro Corp.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: - Broadcom Corporation)
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.5101 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3423 - CyberLink Corp.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ACHTUNG
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Embedded Security for HP ProtectTools (HKLM\...\{43BE25B8-E69F-42CF-9414-7DDCF891629B}) (Version: 7.0.000.2882 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Smart Security (HKLM\...\{64D5DBAE-3C56-4FBE-9A2F-44C63FA13BAF}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.2.4549 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.2.4549 - Hewlett-Packard Company) Hidden
File Opener Packages (HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\File Opener Packages) (Version: - ) <==== ACHTUNG
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.5 - Hewlett-Packard Company)
FileOpener (HKLM-x32\...\Tweaks FileOpener) (Version: 1.1.1 - Tweaks)
Formularpraxis - Verlag Dr. Otto Schmidt (HKLM-x32\...\{8AA8F0D7-30A6-4515-8839-4A6F60173519}) (Version: - )
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.77 - IGC)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hoppenstedt Auskunfts-CD Firmendatenbank (HKLM-x32\...\{31FC28E2-D8F9-411E-A2F5-71AC76C0C79C}) (Version: 1.00.0010 - )
HP 3D DriveGuard (HKLM\...\{C0C9A493-51CB-4F3F-A296-5B5E410C338E}) (Version: 5.0.9.0 - Hewlett-Packard Company)
HP Color LaserJet CM2320 MFP Series 3.1 (HKLM\...\{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}) (Version: 3.1 - HP)
HP Connection Manager (HKLM-x32\...\{F5AEB2E2-F856-448F-8C32-46CA5C6149FE}) (Version: 4.5.27.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C65D5947-5FAF-499E-859F-75C3852D84B0}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.11.2 - Hewlett-Packard Company)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1177 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}) (Version: 2.4.1.2 - Hewlett-Packard Company)
hppCLJCM2320 (x32 Version: 003.001.00097 - Hewlett-Packard) Hidden
hppFaxDrvCM2320 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM2320 (x32 Version: 003.001.00095 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM2320 (x32 Version: 003.001.00087 - Ihr Firmenname) Hidden
hppQFolderCM2320 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM2320 (x32 Version: 003.001.00090 - Ihr Firmenname) Hidden
hppSendFaxCM2320 (x32 Version: 003.000.00001 - Ihr Firmenname) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JFileManager (HKLM-x32\...\JFileManager) (Version: v1.10 - TUGUU SL) <==== ACHTUNG
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Lexware buchhalter 2013 (HKLM-x32\...\{6AB4E5CD-0062-48E8-96A3-E5B4486DFCB3}) (Version: 18.00.00.0090 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{9F6BFB0F-6B1F-4D1A-A9DA-42F6794C9188}) (Version: 13.00.00.0027 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Prezi Desktop (HKLM-x32\...\{cdd36780-8433-41ca-bab4-c224e2c4f95c}) (Version: 6.13.0.0 - Prezi)
Prezi Desktop (x32 Version: 6.13.0.0 - Prezi) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TAXMAN 2013 (HKLM-x32\...\{F289D934-2224-473B-B57E-0040D2693F83}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2014 (HKLM-x32\...\{4A1C559D-38F6-49CF-BDA5-CF354FFE04E4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ACHTUNG
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A773406-9C08-4B30-BABC-DA3855FB7188} - System32\Tasks\{C7BC0C70-5BE9-45FE-8BB9-44C25FCDBCB2} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0FEBB2FD-FCC9-4C91-B3C3-9A78C5892743} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2965738B-02A5-440D-B92E-33F05B955B95} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2EF6DC91-AB44-464D-A2E7-D2C71F273DA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)
Task: {37ABDDAF-7A57-4872-B0F9-A4AA5B2FAFEE} - System32\Tasks\HPCeeScheduleForMas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {3AA0548D-03EA-4625-B761-C17F664719D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {5E9CCE08-C28F-407A-B47D-59D55D5C47B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {5F756987-7843-4CF7-87EB-9DF184777BFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2011-09-10] (Hewlett-Packard Company)
Task: {800029E7-855E-4645-A0EE-4C543AF0F93C} - System32\Tasks\{BDD60054-A66C-46A3-AB8E-7F89E4DB1CC4} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {AA5FAC01-3DCB-4FA0-85EA-053A509C6805} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {AF811964-1A10-43DD-B49D-C787CE9BC4C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B36786EE-1FCF-4D5E-BC0F-66E1B76BD7C0} - \DealPly -> Keine Datei <==== ACHTUNG
Task: {B5270B58-B9F1-44B6-8DDC-DA22861D9C70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {E0144AFC-D788-41A8-924F-6BA66DEF3A75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-23] (Hewlett-Packard Company)
Task: {FF689E8E-6A65-4E8A-9A39-0605C9870D78} - System32\Tasks\{76837DD5-14C5-4059-BCE5-BD01C0037D44} => pcalua.exe -a C:\Users\Mas\Downloads\AVM_FRITZ_WLAN_Repeater_310_Assistent.exe -d C:\Users\Mas\Downloads
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForMas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-31 18:27 - 2013-10-23 16:24 - 00087600 _____ () C:\windows\System32\cpwmon64.dll
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-07 11:50 - 2012-03-28 19:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-06-25 08:28 - 2016-05-25 19:03 - 00034768 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00134088 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00019408 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00116688 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-25 08:28 - 2016-05-25 19:03 - 00093640 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00018376 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00019760 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00105928 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00392144 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-25 08:28 - 2016-06-13 22:13 - 00381752 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00692688 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020816 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00123856 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 01682760 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020808 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00021840 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00052024 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00038696 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00020936 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024528 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00114640 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00124880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00021832 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00175560 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00030160 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00043472 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00048592 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00023872 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00026456 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00057808 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00246592 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00028616 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00019776 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00134608 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00240584 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020280 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00023376 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00350152 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00022352 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00024392 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00036296 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-25 08:28 - 2016-06-13 22:13 - 00084280 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-25 08:28 - 2016-06-13 22:13 - 01826096 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00083912 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 03928880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 01971504 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00531248 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00132912 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00223544 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00207672 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00060880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00024904 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00546096 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00357680 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2014-11-19 19:01 - 2014-11-19 19:01 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-11-19 19:01 - 2014-11-19 19:01 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-11-19 19:01 - 2014-11-19 19:01 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: 70e6ca8c => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: DpHost => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: IFXSpMgtSrv => 2
MSCONFIG\Services: IFXTCS => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee Endpoint Encryption Agent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: PersonalSecureDriveService => 2
MSCONFIG\Services: rqpbhevlkc64 => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: vcsFPService => 2
MSCONFIG\Services: WajamUpdaterV3 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AccessSecureData => C:\Users\Mas\AppData\Local\Temp\{76C65A89-20BC-417C-93C6-512BC1A37786}\AccessSecureData.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IFXSPMGT => "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: iLivid => "C:\Users\Mas\AppData\Local\iLivid\iLivid.exe" -autorun
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Mirage => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{08762CC0-6797-46DE-BC99-270CFB4E6DF8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5685469D-F351-4C3B-99DA-E9F75879F810}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{98198916-D35F-427E-98AF-2CBE45B48F1A}] => (Allow) C:\Users\Mas\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{78DCC148-34C5-4F57-8238-266B4C421FA7}] => (Allow) C:\Users\Mas\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{5CC97787-F726-4191-9D83-8606756D5960}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{44AD7AB6-866E-4A32-AF5F-FCCA5788BCD3}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{DF6DF202-F35E-4343-91CA-A2900A388AB6}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E8BEEA45-0D9F-44C5-8799-9444874FF1B1}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F51CDEA1-AFC2-4A36-8E4B-EF3A1AE065B2}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{DD710277-F378-45DD-808D-4605AE9D739D}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{4BC21A0C-4974-4EB7-95FD-CAF208100553}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{DC3E36CE-6CBA-4CD2-AE19-C00C37A0966A}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [TCP Query User{9A44B86B-54A2-420E-81BF-36D77BFFC053}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8EE0A58A-4BFA-4D3B-8438-6285D7B99BC2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{7FE89021-4F43-4660-B542-9DFFF7A90D0C}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{2719F3E8-DA90-44B5-B610-3F6861FE888E}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{1E0376CA-E646-4E74-904E-C6EF805200BB}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{7EEAB372-D80E-47EB-8D67-39CACDCF93D7}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{C6971E9B-207A-4E17-8D91-DFCF428A144B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{35CEF966-610E-4347-A20C-4F366988F03B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{3672BAC1-D29C-416A-8FF8-0B84ED1D38D2}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{E04B3A70-ACA8-4666-9DB1-F0D1A23E642B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{01D10076-6379-49E5-A651-22DBC25E7425}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F9CDAB3F-A976-4DAB-8D25-B6F67DECB265}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F894C3CB-A90C-4A81-AB8D-AADA077992F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46656325-0BF2-4495-B190-A49EF8D73346}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
23-06-2016 03:03:49 Geplanter Prüfpunkt
01-07-2016 00:47:30 Geplanter Prüfpunkt
07-07-2016 07:03:35 OpenOffice 4.1.1 wird entfernt
07-07-2016 07:12:52 Installed LibreOffice 5.1.4.2
07-07-2016 07:46:58 Installed LibreOffice 5.1.4.2
08-07-2016 12:23:24 Removed Vodafone Mobile Connect Lite.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/08/2016 01:24:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (07/08/2016 01:24:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (07/08/2016 12:24:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 21f8
Startzeit: 01d1d63ca22ee035
Endzeit: 873
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 2135d562-44f6-11e6-b6bf-0c84dce3889c
Error: (07/08/2016 12:15:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HPSF.exe, Version 6.1.12.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b70
Startzeit: 01d1d486c8fd5106
Endzeit: 135
Anwendungspfad: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Berichts-ID:
Error: (07/04/2016 11:39:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2118
Startzeit: 01d1d45ea398f3fd
Endzeit: 1440
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: c6be957d-422f-11e6-b6bf-0c84dce3889c
Error: (07/02/2016 02:38:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2230
Startzeit: 01d1d35c00f9b92f
Endzeit: 280
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: d5ad7940-4051-11e6-b6bf-0c84dce3889c
Error: (07/01/2016 07:47:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ac8
Startzeit: 01d1d2199b795134
Endzeit: 786
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 383e91be-3f4f-11e6-b6bf-0c84dce3889c
Error: (06/29/2016 05:18:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 714
Startzeit: 01d1ced44aa076c6
Endzeit: 422
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: b1ad06b3-3e0c-11e6-b6bf-0c84dce3889c
Error: (06/25/2016 01:24:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 13c4
Startzeit: 01d1ca011af8cdcd
Endzeit: 234
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 61928c15-3ac7-11e6-b6bf-0c84dce3889c
Error: (06/05/2016 02:59:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (07/08/2016 03:52:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.
Error: (07/08/2016 03:52:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Mas\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/08/2016 03:52:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.
Error: (07/08/2016 03:52:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Mas\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/08/2016 03:52:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.
Error: (07/08/2016 03:52:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Mas\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/08/2016 03:52:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.
Error: (07/08/2016 03:52:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Mas\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/08/2016 03:52:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.
Error: (07/08/2016 03:52:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Mas\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3975.55 MB
Verfügbarer physikalischer RAM: 1983.44 MB
Summe virtueller Speicher: 7949.31 MB
Verfügbarer virtueller Speicher: 4776.07 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.67 GB) (Free:92.57 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:223.1 GB) (Free:216.59 GB) NTFS
Drive f: (CDFD32) (CDROM) (Total:0.61 GB) (Free:0 GB) UDF
Drive g: (HP_RECOVERY) (Fixed) (Total:19.7 GB) (Free:3.02 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: () (Removable) (Total:0.94 GB) (Free:0.91 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50318F85)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 960 MB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
09.07.2016, 06:09
| #4 |
| | Frühjahrsputz ? ! Und hier der TDSS: Code:
ATTFilter 23:18:30.0695 0x1bfc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:18:38.0591 0x1bfc ============================================================
23:18:38.0591 0x1bfc Current date / time: 2016/07/08 23:18:38.0591
23:18:38.0591 0x1bfc SystemInfo:
23:18:38.0591 0x1bfc
23:18:38.0591 0x1bfc OS Version: 6.1.7601 ServicePack: 1.0
23:18:38.0591 0x1bfc Product type: Workstation
23:18:38.0591 0x1bfc ComputerName: MAS-HP
23:18:38.0591 0x1bfc UserName: Mas
23:18:38.0591 0x1bfc Windows directory: C:\windows
23:18:38.0591 0x1bfc System windows directory: C:\windows
23:18:38.0591 0x1bfc Running under WOW64
23:18:38.0592 0x1bfc Processor architecture: Intel x64
23:18:38.0592 0x1bfc Number of processors: 4
23:18:38.0592 0x1bfc Page size: 0x1000
23:18:38.0592 0x1bfc Boot type: Normal boot
23:18:38.0592 0x1bfc ============================================================
23:18:39.0052 0x1bfc KLMD registered as C:\windows\system32\drivers\46535233.sys
23:18:39.0578 0x1bfc System UUID: {AAD2B824-3ABB-C6B1-3EEE-3635C20C905C}
23:18:40.0094 0x1bfc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:18:40.0103 0x1bfc Drive \Device\Harddisk2\DR25 - Size: 0x3C000000 ( 0.94 Gb ), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:18:40.0106 0x1bfc ============================================================
23:18:40.0106 0x1bfc \Device\Harddisk0\DR0:
23:18:40.0107 0x1bfc MBR partitions:
23:18:40.0107 0x1bfc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
23:18:40.0107 0x1bfc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x1BD57000
23:18:40.0107 0x1bfc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1BDED800, BlocksNum 0x2764000
23:18:40.0107 0x1bfc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1E551800, BlocksNum 0x1BE33000
23:18:40.0107 0x1bfc \Device\Harddisk2\DR25:
23:18:40.0108 0x1bfc MBR partitions:
23:18:40.0108 0x1bfc \Device\Harddisk2\DR25\Partition1: MBR, Type 0x6, StartLBA 0x578, BlocksNum 0x1DFA88
23:18:40.0108 0x1bfc ============================================================
23:18:40.0142 0x1bfc C: <-> \Device\Harddisk0\DR0\Partition2
23:18:40.0175 0x1bfc G: <-> \Device\Harddisk0\DR0\Partition3
23:18:40.0199 0x1bfc D: <-> \Device\Harddisk0\DR0\Partition4
23:18:40.0199 0x1bfc ============================================================
23:18:40.0199 0x1bfc Initialize success
23:18:40.0199 0x1bfc ============================================================
23:20:25.0672 0x1804 ============================================================
23:20:25.0672 0x1804 Scan started
23:20:25.0672 0x1804 Mode: Manual; SigCheck; TDLFS;
23:20:25.0672 0x1804 ============================================================
23:20:25.0672 0x1804 KSN ping started
23:20:28.0096 0x1804 KSN ping finished: true
23:20:28.0820 0x1804 ================ Scan system memory ========================
23:20:28.0820 0x1804 System memory - ok
23:20:28.0822 0x1804 ================ Scan services =============================
23:20:29.0037 0x1804 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
23:20:29.0113 0x1804 1394ohci - ok
23:20:29.0233 0x1804 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
23:20:29.0254 0x1804 AAV UpdateService - ok
23:20:29.0278 0x1804 [ EE9407D42154190C3169D11EA4B8C711, 42A084DC8D6A6679D2170FCC320766F9134D907F9B60C503EE32F77FA364481E ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
23:20:29.0289 0x1804 Accelerometer - ok
23:20:29.0314 0x1804 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
23:20:29.0329 0x1804 ACPI - ok
23:20:29.0359 0x1804 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
23:20:29.0387 0x1804 AcpiPmi - ok
23:20:29.0486 0x1804 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:20:29.0505 0x1804 AdobeARMservice - ok
23:20:29.0551 0x1804 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
23:20:29.0572 0x1804 adp94xx - ok
23:20:29.0617 0x1804 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
23:20:29.0629 0x1804 adpahci - ok
23:20:29.0655 0x1804 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
23:20:29.0665 0x1804 adpu320 - ok
23:20:29.0701 0x1804 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
23:20:29.0710 0x1804 AeLookupSvc - ok
23:20:29.0779 0x1804 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
23:20:29.0812 0x1804 AFD - ok
23:20:29.0871 0x1804 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
23:20:29.0902 0x1804 AgereSoftModem - ok
23:20:29.0930 0x1804 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
23:20:29.0938 0x1804 agp440 - ok
23:20:29.0959 0x1804 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
23:20:29.0970 0x1804 ALG - ok
23:20:30.0014 0x1804 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
23:20:30.0031 0x1804 aliide - ok
23:20:30.0047 0x1804 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
23:20:30.0056 0x1804 amdide - ok
23:20:30.0087 0x1804 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
23:20:30.0098 0x1804 AmdK8 - ok
23:20:30.0118 0x1804 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
23:20:30.0129 0x1804 AmdPPM - ok
23:20:30.0159 0x1804 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
23:20:30.0169 0x1804 amdsata - ok
23:20:30.0198 0x1804 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
23:20:30.0210 0x1804 amdsbs - ok
23:20:30.0227 0x1804 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
23:20:30.0235 0x1804 amdxata - ok
23:20:30.0278 0x1804 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
23:20:30.0288 0x1804 AppID - ok
23:20:30.0301 0x1804 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
23:20:30.0309 0x1804 AppIDSvc - ok
23:20:30.0340 0x1804 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
23:20:30.0359 0x1804 Appinfo - ok
23:20:30.0399 0x1804 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll
23:20:30.0417 0x1804 AppMgmt - ok
23:20:30.0457 0x1804 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
23:20:30.0470 0x1804 arc - ok
23:20:30.0477 0x1804 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
23:20:30.0491 0x1804 arcsas - ok
23:20:30.0602 0x1804 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:20:30.0625 0x1804 aspnet_state - ok
23:20:30.0658 0x1804 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
23:20:30.0692 0x1804 AsyncMac - ok
23:20:30.0737 0x1804 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
23:20:30.0754 0x1804 atapi - ok
23:20:30.0829 0x1804 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
23:20:30.0865 0x1804 AudioEndpointBuilder - ok
23:20:30.0881 0x1804 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
23:20:30.0902 0x1804 AudioSrv - ok
23:20:30.0915 0x1804 avkmgr - ok
23:20:30.0960 0x1804 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
23:20:30.0974 0x1804 AxInstSV - ok
23:20:31.0015 0x1804 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
23:20:31.0032 0x1804 b06bdrv - ok
23:20:31.0078 0x1804 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
23:20:31.0109 0x1804 b57nd60a - ok
23:20:31.0149 0x1804 [ BC9E4469FE2CE605902D4C8BB09E8236, 13C906DEE487E46037F6DAB82CD65B49CECCA8A7BAC9E1FFD34767AA288A9B76 ] bcbtums C:\windows\system32\drivers\bcbtums.sys
23:20:31.0160 0x1804 bcbtums - ok
23:20:31.0193 0x1804 [ 0B2A432AD87C2F8D244A1C9C6945B85F, BE15F8279B6C488DDC7C7897392A7C18C55B71C6028942C81FF244471D67B11E ] BCM42RLY C:\windows\system32\drivers\BCM42RLY.sys
23:20:31.0202 0x1804 BCM42RLY - ok
23:20:31.0353 0x1804 [ 94387EFC7254F2E74C6C6E6019ACA53A, 6040CDF7720BAA61C643ACE86474C544244B860DFB4A6E24092AE2C95255AE72 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
23:20:31.0452 0x1804 BCM43XX - ok
23:20:31.0526 0x1804 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
23:20:31.0547 0x1804 BDESVC - ok
23:20:31.0576 0x1804 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
23:20:31.0615 0x1804 Beep - ok
23:20:31.0655 0x1804 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
23:20:31.0683 0x1804 BFE - ok
23:20:31.0729 0x1804 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
23:20:31.0812 0x1804 BITS - ok
23:20:31.0855 0x1804 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
23:20:31.0876 0x1804 blbdrive - ok
23:20:31.0914 0x1804 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
23:20:31.0932 0x1804 bowser - ok
23:20:31.0967 0x1804 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
23:20:31.0985 0x1804 BrFiltLo - ok
23:20:31.0997 0x1804 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
23:20:32.0006 0x1804 BrFiltUp - ok
23:20:32.0047 0x1804 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
23:20:32.0058 0x1804 Browser - ok
23:20:32.0081 0x1804 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
23:20:32.0094 0x1804 Brserid - ok
23:20:32.0116 0x1804 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
23:20:32.0126 0x1804 BrSerWdm - ok
23:20:32.0141 0x1804 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
23:20:32.0150 0x1804 BrUsbMdm - ok
23:20:32.0165 0x1804 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
23:20:32.0173 0x1804 BrUsbSer - ok
23:20:32.0215 0x1804 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
23:20:32.0224 0x1804 BthEnum - ok
23:20:32.0244 0x1804 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
23:20:32.0255 0x1804 BTHMODEM - ok
23:20:32.0277 0x1804 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
23:20:32.0278 0x1804 BthPan - ok
23:20:32.0325 0x1804 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
23:20:32.0341 0x1804 BTHPORT - ok
23:20:32.0372 0x1804 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
23:20:32.0403 0x1804 bthserv - ok
23:20:32.0403 0x1804 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
23:20:32.0419 0x1804 BTHUSB - ok
23:20:32.0465 0x1804 [ 93F0E54C65EF7FCB56287FA685E4C4B7, FF8644C2F9DC4CDB1BDBD7C25968225769B2DAE7E063BE0FEDCD51809C48CB4D ] btwampfl C:\windows\system32\drivers\btwampfl.sys
23:20:32.0481 0x1804 btwampfl - ok
23:20:32.0512 0x1804 [ D1F3C58892C621935947C0261BAEF3C0, AEDAF86A78F615C9124A968568FAA41AA145E6AAE910AB16E370B83BC67BB603 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
23:20:32.0528 0x1804 btwaudio - ok
23:20:32.0559 0x1804 [ 9C7A3858D87F3A2574C1D326CA6C1461, EA98D1DE3E1BF3BB952FC11511082EC1D398B448C712141B7FC35AFB7E40C4E5 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
23:20:32.0590 0x1804 btwavdt - ok
23:20:32.0684 0x1804 [ CE6AD9E2874D19069569F03C819B558C, 719326983BC442B416651DB51DD20AA32455B93A79C48B386913296F65B50E6F ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:20:32.0715 0x1804 btwdins - ok
23:20:32.0731 0x1804 [ AC602E3B6940B48E454D90545D85E8C3, EA178018C7EF6B99D7F1E68314DD9E54EFBDEADD9EF649E46975E546956232A9 ] BTWDPAN C:\windows\system32\DRIVERS\btwdpan.sys
23:20:32.0731 0x1804 BTWDPAN - ok
23:20:32.0762 0x1804 [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
23:20:32.0762 0x1804 btwl2cap - ok
23:20:32.0793 0x1804 [ BB892C59D453E127797F8C5B203678DC, 9ED6E44B1E1050F275BEDE733970F455867147F6EC08CD6522E5AA2F55CB5B71 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
23:20:32.0793 0x1804 btwrchid - ok
23:20:32.0824 0x1804 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
23:20:32.0855 0x1804 cdfs - ok
23:20:32.0887 0x1804 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
23:20:32.0918 0x1804 cdrom - ok
23:20:32.0949 0x1804 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
23:20:32.0980 0x1804 CertPropSvc - ok
23:20:32.0996 0x1804 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
23:20:33.0011 0x1804 circlass - ok
23:20:33.0043 0x1804 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
23:20:33.0058 0x1804 CLFS - ok
23:20:33.0121 0x1804 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:20:33.0136 0x1804 clr_optimization_v2.0.50727_32 - ok
23:20:33.0183 0x1804 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:20:33.0199 0x1804 clr_optimization_v2.0.50727_64 - ok
23:20:33.0292 0x1804 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:20:33.0323 0x1804 clr_optimization_v4.0.30319_32 - ok
23:20:33.0355 0x1804 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:20:33.0370 0x1804 clr_optimization_v4.0.30319_64 - ok
23:20:33.0417 0x1804 [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\windows\system32\DRIVERS\CLVirtualDrive.sys
23:20:33.0433 0x1804 CLVirtualDrive - ok
23:20:33.0464 0x1804 [ AE827DFBE69EF592BE877E0FF75520D7, DBA9C4BFE277F9952447477A295C05965C39062E614384405B98DB1359C6F299 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
23:20:33.0464 0x1804 clwvd - ok
23:20:33.0511 0x1804 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
23:20:33.0526 0x1804 CmBatt - ok
23:20:33.0557 0x1804 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
23:20:33.0573 0x1804 cmdide - ok
23:20:33.0635 0x1804 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
23:20:33.0667 0x1804 CNG - ok
23:20:33.0698 0x1804 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
23:20:33.0698 0x1804 Compbatt - ok
23:20:33.0729 0x1804 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
23:20:33.0745 0x1804 CompositeBus - ok
23:20:33.0745 0x1804 COMSysApp - ok
23:20:33.0838 0x1804 [ 04D9DC335863B587D8A421A257051D9A, 9A91CC02598B8A1E106E12404572E4BCD976FD2805A3E95F0D902E3ADC16CC2D ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
23:20:33.0854 0x1804 cphs - ok
23:20:33.0885 0x1804 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
23:20:33.0901 0x1804 crcdisk - ok
23:20:33.0963 0x1804 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\windows\system32\cryptsvc.dll
23:20:33.0963 0x1804 CryptSvc - ok
23:20:34.0010 0x1804 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\windows\system32\drivers\csc.sys
23:20:34.0041 0x1804 CSC - ok
23:20:34.0088 0x1804 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\windows\System32\cscsvc.dll
23:20:34.0103 0x1804 CscService - ok
23:20:34.0135 0x1804 [ D3FAC3926974F22F91E4C9E053DAD07F, 3FC6BA1ADAD70E914A32B2D0EA14D9EE125863F0375BC55B675C474786A90726 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
23:20:34.0150 0x1804 DAMDrv - ok
23:20:34.0228 0x1804 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
23:20:34.0275 0x1804 DcomLaunch - ok
23:20:34.0291 0x1804 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
23:20:34.0322 0x1804 defragsvc - ok
23:20:34.0353 0x1804 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
23:20:34.0369 0x1804 DfsC - ok
23:20:34.0431 0x1804 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
23:20:34.0462 0x1804 dg_ssudbus - ok
23:20:34.0493 0x1804 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
23:20:34.0525 0x1804 Dhcp - ok
23:20:34.0587 0x1804 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\windows\system32\diagtrack.dll
23:20:34.0618 0x1804 DiagTrack - ok
23:20:34.0649 0x1804 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
23:20:34.0665 0x1804 discache - ok
23:20:34.0712 0x1804 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
23:20:34.0727 0x1804 Disk - ok
23:20:34.0743 0x1804 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\windows\system32\drivers\dmvsc.sys
23:20:34.0759 0x1804 dmvsc - ok
23:20:34.0790 0x1804 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
23:20:34.0805 0x1804 Dnscache - ok
23:20:34.0837 0x1804 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
23:20:34.0868 0x1804 dot3svc - ok
23:20:34.0977 0x1804 [ A5018AA1B36A278328950FDFF8C1671A, 3DF0D39F970E1A11DA01E9A5FA06FD1FD6F11E29D2AAD95DC1E03E676C3890DE ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
23:20:35.0008 0x1804 DpHost - ok
23:20:35.0024 0x1804 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
23:20:35.0055 0x1804 DPS - ok
23:20:35.0117 0x1804 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
23:20:35.0133 0x1804 drmkaud - ok
23:20:35.0227 0x1804 [ F59E2FE2687A5C30598F9099F318EB73, 80A0B1CC758BD3C4AEAB8E5804120D8A145F918B527F41DEF02A0E4EBE170F37 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
23:20:35.0258 0x1804 DXGKrnl - ok
23:20:35.0289 0x1804 [ BA01A130D2B850CA87483CE6AC1A2BBA, DFF760DB1A6F60A856D64F01C67B8FC075ABED9DD80FFA50AA681296FF56FCE0 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
23:20:35.0305 0x1804 e1cexpress - ok
23:20:35.0336 0x1804 [ B4B52D2D4976FB06C53DCC6F476EAE2F, 2D48A3A6DC4E19840543A2F22CA45D3F6C0C989E00CBCA65F7B4B7222E6D69ED ] eamonm C:\windows\system32\DRIVERS\eamonm.sys
23:20:35.0351 0x1804 eamonm - ok
23:20:35.0383 0x1804 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
23:20:35.0398 0x1804 EapHost - ok
23:20:35.0523 0x1804 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
23:20:35.0601 0x1804 ebdrv - ok
23:20:35.0663 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\windows\System32\lsass.exe
23:20:35.0679 0x1804 EFS - ok
23:20:35.0710 0x1804 [ 2072E5C612C0C178A1E725433EB4E7EB, FA99355AE119FFEB1C9C2DB1349ABCF59F87AB113C9D91186F59829FFFBA1286 ] ehdrv C:\windows\system32\DRIVERS\ehdrv.sys
23:20:35.0726 0x1804 ehdrv - ok
23:20:35.0819 0x1804 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
23:20:35.0835 0x1804 ehRecvr - ok
23:20:35.0851 0x1804 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
23:20:35.0866 0x1804 ehSched - ok
23:20:35.0897 0x1804 [ 70350E9D75CE4479AA1A046887F11519, 46FFACBBB8BC2B1F45D83884D7298F8B82EF24A033D173B3DA812BA42D2296C5 ] ekbdflt C:\windows\system32\DRIVERS\ekbdflt.sys
23:20:35.0913 0x1804 ekbdflt - ok
23:20:36.0116 0x1804 [ 287D7C125CCCBA0D2111181F44BE2C2A, 7D9892BB0CAF30AC90E5CE7D93FF85ED7B5D95418D13475CF7D2E66BEDDD574E ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
23:20:36.0178 0x1804 ekrn - ok
23:20:36.0225 0x1804 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
23:20:36.0241 0x1804 elxstor - ok
23:20:36.0303 0x1804 [ D0268AFCBE7E16A30D4C7A0D91526BD1, D398E04EBC97F69CFE785B829ECB5CB15A21B5F3E82405D5221DFD122DC0D248 ] epfw C:\windows\system32\DRIVERS\epfw.sys
23:20:36.0334 0x1804 epfw - ok
23:20:36.0365 0x1804 [ 6B19C4B37E06E275D9AE54F06B1DEAAA, 62EEF3A5611456226D0B7B48738D0AE443375353BF631A4D07485680F4EAA212 ] EpfwLWF C:\windows\system32\DRIVERS\EpfwLWF.sys
23:20:36.0397 0x1804 EpfwLWF - ok
23:20:36.0428 0x1804 [ 75815E12D7B8209BD26E8DC4E6708A4F, CB3E443C3AC851A971B921C967025C12377E398E9069FD3DC2F33907DBB168BD ] epfwwfp C:\windows\system32\DRIVERS\epfwwfp.sys
23:20:36.0443 0x1804 epfwwfp - ok
23:20:36.0475 0x1804 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
23:20:36.0490 0x1804 ErrDev - ok
23:20:36.0553 0x1804 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
23:20:36.0599 0x1804 EventSystem - ok
23:20:36.0631 0x1804 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
23:20:36.0662 0x1804 exfat - ok
23:20:36.0693 0x1804 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
23:20:36.0709 0x1804 fastfat - ok
23:20:36.0755 0x1804 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
23:20:36.0787 0x1804 Fax - ok
23:20:36.0802 0x1804 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
23:20:36.0818 0x1804 fdc - ok
23:20:36.0833 0x1804 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
23:20:36.0849 0x1804 fdPHost - ok
23:20:36.0880 0x1804 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
23:20:36.0911 0x1804 FDResPub - ok
23:20:36.0911 0x1804 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
23:20:36.0927 0x1804 FileInfo - ok
23:20:36.0927 0x1804 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
23:20:36.0958 0x1804 Filetrace - ok
23:20:37.0005 0x1804 [ 1CF8947766082AA117C11EBD3B095669, C1AA1527B67F14ABAA5D2919C467DEB29D977D26149C1C60F20BDB1651D4A8A3 ] FLCDLOCK c:\windows\SysWOW64\flcdlock.exe
23:20:37.0021 0x1804 FLCDLOCK - ok
23:20:37.0036 0x1804 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
23:20:37.0036 0x1804 flpydisk - ok
23:20:37.0067 0x1804 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
23:20:37.0083 0x1804 FltMgr - ok
23:20:37.0161 0x1804 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\windows\system32\FntCache.dll
23:20:37.0192 0x1804 FontCache - ok
23:20:37.0239 0x1804 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:20:37.0255 0x1804 FontCache3.0.0.0 - ok
23:20:37.0270 0x1804 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
23:20:37.0286 0x1804 FsDepends - ok
23:20:37.0317 0x1804 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
23:20:37.0317 0x1804 Fs_Rec - ok
23:20:37.0348 0x1804 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
23:20:37.0364 0x1804 fvevol - ok
23:20:37.0395 0x1804 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
23:20:37.0411 0x1804 gagp30kx - ok
23:20:37.0442 0x1804 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
23:20:37.0489 0x1804 gpsvc - ok
23:20:37.0504 0x1804 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
23:20:37.0520 0x1804 hcw85cir - ok
23:20:37.0551 0x1804 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
23:20:37.0582 0x1804 HdAudAddService - ok
23:20:37.0613 0x1804 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
23:20:37.0629 0x1804 HDAudBus - ok
23:20:37.0629 0x1804 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
23:20:37.0645 0x1804 HidBatt - ok
23:20:37.0660 0x1804 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
23:20:37.0676 0x1804 HidBth - ok
23:20:37.0691 0x1804 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
23:20:37.0707 0x1804 HidIr - ok
23:20:37.0723 0x1804 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
23:20:37.0754 0x1804 hidserv - ok
23:20:37.0785 0x1804 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
23:20:37.0816 0x1804 HidUsb - ok
23:20:37.0816 0x1804 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
23:20:37.0863 0x1804 hkmsvc - ok
23:20:37.0894 0x1804 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
23:20:37.0910 0x1804 HomeGroupListener - ok
23:20:37.0925 0x1804 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
23:20:37.0941 0x1804 HomeGroupProvider - ok
23:20:37.0988 0x1804 [ 44AD1D87919994161131D5FB16C5B551, 2548C2421D1D974C5AB7F02CE69E55365DDEDDC535701C38386A9AC7162E03D4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
23:20:38.0003 0x1804 HP Power Assistant Service - ok
23:20:38.0113 0x1804 [ 13BB1114451C63BFB41BA7DAA4D70A29, A07D27DCD1D5F333973DDF7E91BF902307088C48696EE1D1970A0152A507231B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:20:38.0128 0x1804 HP Support Assistant Service - ok
23:20:38.0237 0x1804 [ C90CA12F9B35A333A90D6D650F23C2E6, 7C85A30A3DBC744917574317A63A462263450CC5D6C980AAA34418C3D0D6FBBD ] hpCMSrv c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
23:20:38.0284 0x1804 hpCMSrv - ok
23:20:38.0315 0x1804 [ 7D2F0F709D88ED2617AFB0864D7B963E, 54BFEC3BFE0B04FC21CD5B92EC22621811A8B3A0E05B6A00529BBBB3B8103B7A ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
23:20:38.0331 0x1804 hpdskflt - ok
23:20:38.0362 0x1804 [ DD37E7E39D9DE3C5CDDB8C8D2F95F76B, FA955E3EDB94F57E8433347A0AA48F2441D0DB482657A59D9AEE5C4746C0E626 ] HPEWSFXBULK C:\windows\system32\drivers\hpfx64bulk.sys
23:20:38.0378 0x1804 HPEWSFXBULK - ok
23:20:38.0425 0x1804 [ 0668EBBE2973286CE3A7A1638E9508B9, 50909FCC30EFEA8D37EEF4CA38D3528B14B794028B77C19BF293E980C87FD3CB ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
23:20:38.0456 0x1804 HPFSService - ok
23:20:38.0471 0x1804 [ DD37E7E39D9DE3C5CDDB8C8D2F95F76B, FA955E3EDB94F57E8433347A0AA48F2441D0DB482657A59D9AEE5C4746C0E626 ] HPFXBULK C:\windows\system32\drivers\hpfx64bulk.sys
23:20:38.0471 0x1804 HPFXBULK - ok
23:20:38.0503 0x1804 [ 219C2A07FD07023D3905C332BF6F9BA8, D1648BB751909470D307A915F07B4F54282B94E159378CC7118D6F32478020E9 ] HPFXFAX C:\windows\system32\drivers\hpfx64fax.sys
23:20:38.0503 0x1804 HPFXFAX - ok
23:20:38.0565 0x1804 [ 3F26E373A2B7456764FBE7F449E0858B, D77DDC1C32F7834FA063C31C66CC6DD2CF3C79E2651D623FB3F4F28FA0AC1395 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
23:20:38.0596 0x1804 hpHotkeyMonitor - ok
23:20:38.0705 0x1804 [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:20:38.0721 0x1804 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
23:20:41.0123 0x1804 Detect skipped due to KSN trusted
23:20:41.0123 0x1804 hpqcxs08 - ok
23:20:41.0155 0x1804 [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:20:41.0170 0x1804 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:20:43.0573 0x1804 Detect skipped due to KSN trusted
23:20:43.0573 0x1804 hpqddsvc - ok
23:20:43.0635 0x1804 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
23:20:43.0651 0x1804 HpqKbFiltr - ok
23:20:43.0775 0x1804 [ 0694690BD5BCCB0B02590638CC944199, FDB35B224E8B01DB1612FB93C865A0ADF6624B6F2A42D691F05CA005E7F08F64 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:20:43.0822 0x1804 hpqwmiex - ok
23:20:43.0853 0x1804 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
23:20:43.0869 0x1804 HpSAMD - ok
23:20:43.0885 0x1804 [ 21685DC7E55FE3A0BB74DDD1606843B8, AE293200DF3BF5C948CEB08C4D6EC973B8746E487275FF3D146FFAFE8D5D1E37 ] hpsrv C:\windows\system32\Hpservice.exe
23:20:43.0900 0x1804 hpsrv - ok
23:20:43.0994 0x1804 [ E60B8915796784DE61CE1AD17DDC5B17, 9724244852E169F65353457CA5F7D888D3C91A68ACB4DF953D50769C4550DB52 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
23:20:44.0009 0x1804 HPSupportSolutionsFrameworkService - ok
23:20:44.0056 0x1804 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
23:20:44.0087 0x1804 HTTP - ok
23:20:44.0134 0x1804 [ 1A5DA10E18FC2643E94C5DC7FA965868, C11CE8E3546F0AB20E50F90A57814D7BB6F3629A698A7E195EF9508FF529B413 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
23:20:44.0150 0x1804 hwdatacard - ok
23:20:44.0165 0x1804 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
23:20:44.0181 0x1804 hwpolicy - ok
23:20:44.0212 0x1804 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
23:20:44.0212 0x1804 i8042prt - ok
23:20:44.0275 0x1804 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\windows\system32\drivers\iaStor.sys
23:20:44.0306 0x1804 iaStor - ok
23:20:44.0399 0x1804 [ 7DEC78C80C628E9D36883C06C3C07E3C, 79B37C7B2EEC6D4C8E99018A7B0280EC93F99E64FEFC2AF7A5D29236B008C887 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:20:44.0415 0x1804 IAStorDataMgrSvc - ok
23:20:44.0446 0x1804 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
23:20:44.0462 0x1804 iaStorV - ok
23:20:44.0555 0x1804 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:20:44.0602 0x1804 idsvc - ok
23:20:44.0696 0x1804 [ 65573D45033C7A2F3958B9CF050A1AE0, BEE0DDBE28861916CF34D17E682526CA254F45666CDA7D5D98BCF65865312F7C ] IFXSpMgtSrv c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
23:20:44.0711 0x1804 IFXSpMgtSrv - ok
23:20:44.0758 0x1804 [ 5A5FB6D983F8ED317CB2568F127B4B9E, AC0F72477B64C57DEE7C822D5D2E020D3BF935B88174A381930D3AE2027F9A48 ] IFXTCS c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
23:20:44.0774 0x1804 IFXTCS - ok
23:20:45.0148 0x1804 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
23:20:45.0523 0x1804 igfx - ok
23:20:45.0554 0x1804 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
23:20:45.0569 0x1804 iirsp - ok
23:20:45.0616 0x1804 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
23:20:45.0632 0x1804 IKEEXT - ok
23:20:45.0694 0x1804 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
23:20:45.0725 0x1804 IntcDAud - ok
23:20:45.0803 0x1804 [ 0043EC20C06FD9FE339B5D37474B731E, E84A078BDBEC7EA29257D758030271B62F3ED2C954DC1EEECC5B24B39EDB2A59 ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
23:20:45.0835 0x1804 Intel(R) Capability Licensing Service Interface - ok
23:20:45.0881 0x1804 [ CAF14AD24DFE1C4ABE0D7DFF1C68D4E0, 89D0C85664D7189188E49F67E6D4D22EA8163306D3CAE27EA5B4A70977BA5611 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
23:20:45.0897 0x1804 Intel(R) ME Service - ok
23:20:45.0944 0x1804 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
23:20:45.0959 0x1804 intelide - ok
23:20:46.0006 0x1804 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
23:20:46.0022 0x1804 intelppm - ok
23:20:46.0053 0x1804 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
23:20:46.0084 0x1804 IPBusEnum - ok
23:20:46.0115 0x1804 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
23:20:46.0131 0x1804 IpFilterDriver - ok
23:20:46.0162 0x1804 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
23:20:46.0178 0x1804 iphlpsvc - ok
23:20:46.0225 0x1804 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
23:20:46.0240 0x1804 IPMIDRV - ok
23:20:46.0271 0x1804 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
23:20:46.0303 0x1804 IPNAT - ok
23:20:46.0318 0x1804 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
23:20:46.0334 0x1804 IRENUM - ok
23:20:46.0365 0x1804 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
23:20:46.0365 0x1804 isapnp - ok
23:20:46.0396 0x1804 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
23:20:46.0412 0x1804 iScsiPrt - ok
23:20:46.0443 0x1804 [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
23:20:46.0459 0x1804 iusb3hcs - ok
23:20:46.0505 0x1804 [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
23:20:46.0537 0x1804 iusb3hub - ok
23:20:46.0568 0x1804 [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
23:20:46.0599 0x1804 iusb3xhc - ok
23:20:46.0646 0x1804 [ 4E0B89D1F647166EC78FEF5430126EE0, B5D3876B3D80E955A0226EE864E7649CF3325CF41A5C9A80C277CF2F29A98C78 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:20:46.0661 0x1804 jhi_service - ok
23:20:46.0708 0x1804 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
23:20:46.0724 0x1804 JMCR - ok
23:20:46.0755 0x1804 [ 1542F0B31DD7193EF8C0606C018E19AF, FD68909AD7A8C0D8C640C9505982CB66F454AE61BC4EACDA3D0190CFCC42A10A ] johci C:\windows\system32\DRIVERS\johci.sys
23:20:46.0771 0x1804 johci - ok
23:20:46.0802 0x1804 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
23:20:46.0817 0x1804 kbdclass - ok
23:20:46.0833 0x1804 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
23:20:46.0849 0x1804 kbdhid - ok
23:20:46.0895 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\windows\system32\lsass.exe
23:20:46.0895 0x1804 KeyIso - ok
23:20:46.0942 0x1804 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
23:20:46.0958 0x1804 KSecDD - ok
23:20:46.0989 0x1804 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
23:20:47.0020 0x1804 KSecPkg - ok
23:20:47.0036 0x1804 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
23:20:47.0067 0x1804 ksthunk - ok
23:20:47.0098 0x1804 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
23:20:47.0145 0x1804 KtmRm - ok
23:20:47.0192 0x1804 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
23:20:47.0239 0x1804 LanmanServer - ok
23:20:47.0270 0x1804 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
23:20:47.0285 0x1804 LanmanWorkstation - ok
23:20:47.0317 0x1804 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
23:20:47.0348 0x1804 lltdio - ok
23:20:47.0379 0x1804 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
23:20:47.0410 0x1804 lltdsvc - ok
23:20:47.0426 0x1804 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
23:20:47.0441 0x1804 lmhosts - ok
23:20:47.0488 0x1804 [ 23C20B19120BE3394EB7968ABD755A2D, CFE9E26BF3FAD87DE03B9BD925229FC494C2F5426A8FCFBDB15D5A8C4A8B4920 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:20:47.0488 0x1804 LMS - ok
23:20:47.0535 0x1804 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
23:20:47.0535 0x1804 LSI_FC - ok
23:20:47.0582 0x1804 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
23:20:47.0582 0x1804 LSI_SAS - ok
23:20:47.0597 0x1804 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
23:20:47.0613 0x1804 LSI_SAS2 - ok
23:20:47.0629 0x1804 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
23:20:47.0644 0x1804 LSI_SCSI - ok
23:20:47.0675 0x1804 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
23:20:47.0707 0x1804 luafv - ok
23:20:47.0738 0x1804 [ 7AEAC0B5B185CB5601673A0462C7EC36, B79FB5094F32F11CE2969CD08DB0EBC695D150BA2200179EB6C3BBAEEDB857B2 ] massfilter C:\windows\system32\drivers\massfilter.sys
23:20:47.0753 0x1804 massfilter - ok
23:20:47.0863 0x1804 [ 0132C4FDA78D5EE802A0863DE8E0CE55, A6A0B4B4A0AAB9672639EBF341F04C5207A0A1360BB7C1A8EF05EF3041473B8F ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
23:20:47.0894 0x1804 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic ( 1 )
23:20:50.0265 0x1804 Detect skipped due to KSN trusted
23:20:50.0265 0x1804 McAfee Endpoint Encryption Agent - ok
23:20:50.0312 0x1804 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
23:20:50.0343 0x1804 Mcx2Svc - ok
23:20:50.0374 0x1804 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
23:20:50.0374 0x1804 megasas - ok
23:20:50.0405 0x1804 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
23:20:50.0421 0x1804 MegaSR - ok
23:20:50.0452 0x1804 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
23:20:50.0468 0x1804 MEIx64 - ok
23:20:50.0499 0x1804 [ C103DD142A50BFE41A6D764674442915, 723DF0FE715E331A0ED81271659DF86E9988D856CF6870C411F2FBC3D6B58066 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
23:20:50.0530 0x1804 MfeEpeOpal - ok
23:20:50.0546 0x1804 [ F0607F935514B08FC3999E9C24363701, 5ACF58AE5C992971EC490DD16FEAC5C8FB112D6F02F65DC9381356AEF7802C54 ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
23:20:50.0561 0x1804 MfeEpePc - ok
23:20:50.0593 0x1804 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
23:20:50.0639 0x1804 MMCSS - ok
23:20:50.0671 0x1804 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
23:20:50.0686 0x1804 Modem - ok
23:20:50.0717 0x1804 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
23:20:50.0717 0x1804 monitor - ok
23:20:50.0749 0x1804 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
23:20:50.0749 0x1804 mouclass - ok
23:20:50.0795 0x1804 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
23:20:50.0795 0x1804 mouhid - ok
23:20:50.0858 0x1804 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
23:20:50.0873 0x1804 mountmgr - ok
23:20:50.0936 0x1804 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:20:50.0951 0x1804 MozillaMaintenance - ok
23:20:50.0983 0x1804 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
23:20:50.0983 0x1804 mpio - ok
23:20:51.0014 0x1804 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
23:20:51.0029 0x1804 mpsdrv - ok
23:20:51.0092 0x1804 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
23:20:51.0139 0x1804 MpsSvc - ok
23:20:51.0185 0x1804 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
23:20:51.0201 0x1804 MRxDAV - ok
23:20:51.0232 0x1804 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
23:20:51.0248 0x1804 mrxsmb - ok
23:20:51.0263 0x1804 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
23:20:51.0279 0x1804 mrxsmb10 - ok
23:20:51.0295 0x1804 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
23:20:51.0310 0x1804 mrxsmb20 - ok
23:20:51.0341 0x1804 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
23:20:51.0357 0x1804 msahci - ok
23:20:51.0388 0x1804 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
23:20:51.0404 0x1804 msdsm - ok
23:20:51.0451 0x1804 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
23:20:51.0466 0x1804 MSDTC - ok
23:20:51.0513 0x1804 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
23:20:51.0544 0x1804 Msfs - ok
23:20:51.0560 0x1804 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
23:20:51.0591 0x1804 mshidkmdf - ok
23:20:51.0622 0x1804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
23:20:51.0638 0x1804 msisadrv - ok
23:20:51.0669 0x1804 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
23:20:51.0685 0x1804 MSiSCSI - ok
23:20:51.0700 0x1804 msiserver - ok
23:20:51.0731 0x1804 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
23:20:51.0747 0x1804 MSKSSRV - ok
23:20:51.0763 0x1804 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
23:20:51.0778 0x1804 MSPCLOCK - ok
23:20:51.0794 0x1804 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
23:20:51.0825 0x1804 MSPQM - ok
23:20:51.0841 0x1804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
23:20:51.0856 0x1804 MsRPC - ok
23:20:51.0872 0x1804 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
23:20:51.0887 0x1804 mssmbios - ok
23:20:51.0887 0x1804 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
23:20:51.0919 0x1804 MSTEE - ok
23:20:51.0934 0x1804 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
23:20:51.0934 0x1804 MTConfig - ok
23:20:51.0950 0x1804 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
23:20:51.0965 0x1804 Mup - ok
23:20:51.0997 0x1804 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
23:20:52.0028 0x1804 napagent - ok
23:20:52.0059 0x1804 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
23:20:52.0075 0x1804 NativeWifiP - ok
23:20:52.0121 0x1804 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
23:20:52.0137 0x1804 NDIS - ok
23:20:52.0153 0x1804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
23:20:52.0184 0x1804 NdisCap - ok
23:20:52.0199 0x1804 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:20:52.0231 0x1804 NdisTapi - ok
23:20:52.0231 0x1804 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:20:52.0262 0x1804 Ndisuio - ok
23:20:52.0293 0x1804 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:20:52.0309 0x1804 NdisWan - ok
23:20:52.0324 0x1804 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:20:52.0355 0x1804 NDProxy - ok
23:20:52.0418 0x1804 [ 00BF813976F87A012DF7C44E0B91F750, 05FE8218894460471E61AD62E18624497156CCAC6DBCAF693B563310468B09A6 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:20:52.0418 0x1804 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:20:54.0805 0x1804 Detect skipped due to KSN trusted
23:20:54.0805 0x1804 Net Driver HPZ12 - ok
23:20:54.0867 0x1804 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:20:54.0914 0x1804 NetBIOS - ok
23:20:54.0929 0x1804 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:20:54.0961 0x1804 NetBT - ok
23:20:54.0976 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\windows\system32\lsass.exe
23:20:54.0992 0x1804 Netlogon - ok
23:20:55.0039 0x1804 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
23:20:55.0085 0x1804 Netman - ok
23:20:55.0148 0x1804 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:20:55.0179 0x1804 NetMsmqActivator - ok
23:20:55.0195 0x1804 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:20:55.0195 0x1804 NetPipeActivator - ok
23:20:55.0226 0x1804 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
23:20:55.0273 0x1804 netprofm - ok
23:20:55.0273 0x1804 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:20:55.0288 0x1804 NetTcpActivator - ok
23:20:55.0288 0x1804 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:20:55.0304 0x1804 NetTcpPortSharing - ok
23:20:55.0319 0x1804 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
23:20:55.0319 0x1804 nfrd960 - ok
23:20:55.0366 0x1804 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
23:20:55.0397 0x1804 NlaSvc - ok
23:20:55.0429 0x1804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
23:20:55.0460 0x1804 Npfs - ok
23:20:55.0475 0x1804 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
23:20:55.0507 0x1804 nsi - ok
23:20:55.0507 0x1804 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
23:20:55.0522 0x1804 nsiproxy - ok
23:20:55.0585 0x1804 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:20:55.0631 0x1804 Ntfs - ok
23:20:55.0647 0x1804 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
23:20:55.0678 0x1804 Null - ok
23:20:55.0709 0x1804 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
23:20:55.0725 0x1804 nvraid - ok
23:20:55.0741 0x1804 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
23:20:55.0756 0x1804 nvstor - ok
23:20:55.0787 0x1804 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
23:20:55.0819 0x1804 nv_agp - ok
23:20:55.0819 0x1804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
23:20:55.0834 0x1804 ohci1394 - ok
23:20:55.0881 0x1804 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
23:20:55.0912 0x1804 p2pimsvc - ok
23:20:55.0928 0x1804 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
23:20:55.0943 0x1804 p2psvc - ok
23:20:55.0975 0x1804 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
23:20:55.0990 0x1804 Parport - ok
23:20:56.0021 0x1804 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
23:20:56.0021 0x1804 partmgr - ok
23:20:56.0068 0x1804 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
23:20:56.0099 0x1804 PcaSvc - ok
23:20:56.0115 0x1804 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
23:20:56.0131 0x1804 pci - ok
23:20:56.0177 0x1804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
23:20:56.0193 0x1804 pciide - ok
23:20:56.0224 0x1804 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
23:20:56.0240 0x1804 pcmcia - ok
23:20:56.0255 0x1804 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
23:20:56.0287 0x1804 pcw - ok
23:20:56.0333 0x1804 [ BAF3216DDAA12E66EBBB31760E02BC14, 668AE32CAF8E64F225DA9515F564469ED3F0B8D23A35C2E0B09CD1ECBFD0050C ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
23:20:56.0365 0x1804 PdiService - ok
23:20:56.0411 0x1804 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
23:20:56.0443 0x1804 PEAUTH - ok
23:20:56.0521 0x1804 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
23:20:56.0552 0x1804 PeerDistSvc - ok
23:20:56.0614 0x1804 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
23:20:56.0630 0x1804 PerfHost - ok
23:20:56.0708 0x1804 [ F20612DF7E12DE3A087D0F44CC545FB1, 2B5693B2C77B990362F69598B8FE3601065A34EEED8F829F35796B0148D797DB ] PersonalSecureDrive C:\windows\System32\drivers\psd.sys
23:20:56.0723 0x1804 PersonalSecureDrive - ok
23:20:56.0801 0x1804 [ 452266D6A7C4537F3382C69495A06F75, 23B30181A728EB148C413DCFE7C1257AF56C7487F07124783B365CD0917445FF ] PersonalSecureDriveService c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
23:20:56.0817 0x1804 PersonalSecureDriveService - ok
23:20:56.0879 0x1804 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
23:20:56.0926 0x1804 pla - ok
23:20:56.0989 0x1804 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
23:20:57.0020 0x1804 PlugPlay - ok
23:20:57.0067 0x1804 [ 0272AE40FE4C117E43F2F24820F93AA5, EECE10CA064D4A6C4ACB6F8AE98C886B19485B15D5EC5104F2A3FC3561C361BF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:20:57.0067 0x1804 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:20:59.0453 0x1804 Detect skipped due to KSN trusted
23:20:59.0453 0x1804 Pml Driver HPZ12 - ok
23:20:59.0500 0x1804 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
23:20:59.0516 0x1804 PNRPAutoReg - ok
23:20:59.0547 0x1804 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
23:20:59.0578 0x1804 PNRPsvc - ok
23:20:59.0609 0x1804 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
23:20:59.0656 0x1804 PolicyAgent - ok
23:20:59.0672 0x1804 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\windows\system32\umpo.dll
23:20:59.0687 0x1804 Power - ok
23:20:59.0719 0x1804 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:20:59.0734 0x1804 PptpMiniport - ok
23:20:59.0765 0x1804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
23:20:59.0765 0x1804 Processor - ok
23:20:59.0797 0x1804 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
23:20:59.0812 0x1804 ProfSvc - ok
23:20:59.0828 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\windows\system32\lsass.exe
23:20:59.0828 0x1804 ProtectedStorage - ok
23:20:59.0859 0x1804 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
23:20:59.0890 0x1804 Psched - ok
23:20:59.0906 0x1804 [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\windows\system32\pwdrvio.sys
23:20:59.0921 0x1804 pwdrvio - ok
23:20:59.0968 0x1804 [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\windows\system32\pwdspio.sys
23:20:59.0984 0x1804 pwdspio - ok
23:21:00.0077 0x1804 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
23:21:00.0124 0x1804 ql2300 - ok
23:21:00.0140 0x1804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
23:21:00.0155 0x1804 ql40xx - ok
23:21:00.0187 0x1804 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
23:21:00.0202 0x1804 QWAVE - ok
23:21:00.0218 0x1804 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
23:21:00.0233 0x1804 QWAVEdrv - ok
23:21:00.0249 0x1804 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:21:00.0265 0x1804 RasAcd - ok
23:21:00.0311 0x1804 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
23:21:00.0327 0x1804 RasAgileVpn - ok
23:21:00.0358 0x1804 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
23:21:00.0374 0x1804 RasAuto - ok
23:21:00.0389 0x1804 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:21:00.0421 0x1804 Rasl2tp - ok
23:21:00.0467 0x1804 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
23:21:00.0530 0x1804 RasMan - ok
23:21:00.0545 0x1804 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:21:00.0577 0x1804 RasPppoe - ok
23:21:00.0577 0x1804 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
23:21:00.0608 0x1804 RasSstp - ok
23:21:00.0623 0x1804 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:21:00.0655 0x1804 rdbss - ok
23:21:00.0655 0x1804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
23:21:00.0670 0x1804 rdpbus - ok
23:21:00.0670 0x1804 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:21:00.0701 0x1804 RDPCDD - ok
23:21:00.0733 0x1804 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys
23:21:00.0748 0x1804 RDPDR - ok
23:21:00.0779 0x1804 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
23:21:00.0826 0x1804 RDPENCDD - ok
23:21:00.0842 0x1804 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
23:21:00.0873 0x1804 RDPREFMP - ok
23:21:00.0935 0x1804 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
23:21:00.0951 0x1804 RdpVideoMiniport - ok
23:21:00.0998 0x1804 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:21:01.0029 0x1804 RDPWD - ok
23:21:01.0076 0x1804 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
23:21:01.0091 0x1804 rdyboost - ok
23:21:01.0123 0x1804 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
23:21:01.0154 0x1804 RemoteAccess - ok
23:21:01.0201 0x1804 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
23:21:01.0247 0x1804 RemoteRegistry - ok
23:21:01.0294 0x1804 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
23:21:01.0310 0x1804 RFCOMM - ok
23:21:01.0341 0x1804 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys
23:21:01.0357 0x1804 RimUsb - ok
23:21:01.0372 0x1804 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
23:21:01.0403 0x1804 RpcEptMapper - ok
23:21:01.0435 0x1804 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
23:21:01.0435 0x1804 RpcLocator - ok
23:21:01.0466 0x1804 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
23:21:01.0497 0x1804 RpcSs - ok
23:21:01.0513 0x1804 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
23:21:01.0544 0x1804 rspndr - ok
23:21:01.0575 0x1804 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys
23:21:01.0591 0x1804 s3cap - ok
23:21:01.0606 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\windows\system32\lsass.exe
23:21:01.0622 0x1804 SamSs - ok
23:21:01.0637 0x1804 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
23:21:01.0653 0x1804 sbp2port - ok
23:21:01.0684 0x1804 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
23:21:01.0715 0x1804 SCardSvr - ok
23:21:01.0731 0x1804 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
23:21:01.0747 0x1804 scfilter - ok
23:21:01.0793 0x1804 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
23:21:01.0840 0x1804 Schedule - ok
23:21:01.0856 0x1804 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
23:21:01.0871 0x1804 SCPolicySvc - ok
23:21:01.0903 0x1804 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
23:21:01.0918 0x1804 sdbus - ok
23:21:01.0934 0x1804 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
23:21:01.0949 0x1804 SDRSVC - ok
23:21:01.0981 0x1804 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
23:21:02.0012 0x1804 secdrv - ok
23:21:02.0027 0x1804 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
23:21:02.0043 0x1804 seclogon - ok
23:21:02.0074 0x1804 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
23:21:02.0121 0x1804 SENS - ok
23:21:02.0137 0x1804 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
23:21:02.0152 0x1804 SensrSvc - ok
23:21:02.0183 0x1804 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
23:21:02.0199 0x1804 Serenum - ok
23:21:02.0199 0x1804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
23:21:02.0215 0x1804 Serial - ok
23:21:02.0246 0x1804 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
23:21:02.0261 0x1804 sermouse - ok
23:21:02.0277 0x1804 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
23:21:02.0308 0x1804 SessionEnv - ok
23:21:02.0324 0x1804 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
23:21:02.0339 0x1804 sffdisk - ok
23:21:02.0355 0x1804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
23:21:02.0371 0x1804 sffp_mmc - ok
23:21:02.0386 0x1804 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
23:21:02.0402 0x1804 sffp_sd - ok
23:21:02.0402 0x1804 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
23:21:02.0417 0x1804 sfloppy - ok
23:21:02.0449 0x1804 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
23:21:02.0480 0x1804 SharedAccess - ok
23:21:02.0511 0x1804 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:21:02.0542 0x1804 ShellHWDetection - ok
23:21:02.0573 0x1804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
23:21:02.0573 0x1804 SiSRaid2 - ok
23:21:02.0589 0x1804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
23:21:02.0605 0x1804 SiSRaid4 - ok
23:21:02.0636 0x1804 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
23:21:02.0667 0x1804 Smb - ok
23:21:02.0698 0x1804 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
23:21:02.0698 0x1804 SNMPTRAP - ok
23:21:02.0729 0x1804 [ C450A8C90FB55A46519E0A9014FDE0C8, 52AF33D32C5CF368117AD48B4481A1419A1D1392621ACDAB7448D80DF2A34EBD ] Spfd C:\windows\system32\DRIVERS\Spfd.sys
23:21:02.0729 0x1804 Spfd - ok
23:21:02.0761 0x1804 [ 11BA2195FA3AF8B8959AEF94A4824D04, 134F37CBCE85AD9A3376B96794125003CC032221999A605A69023EFEEC3D4F08 ] SpfdBus C:\windows\system32\DRIVERS\SpfdBus.sys
23:21:02.0761 0x1804 SpfdBus - ok
23:21:02.0792 0x1804 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
23:21:02.0792 0x1804 spldr - ok
23:21:02.0823 0x1804 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
23:21:02.0854 0x1804 Spooler - ok
23:21:02.0979 0x1804 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
23:21:03.0057 0x1804 sppsvc - ok
23:21:03.0104 0x1804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
23:21:03.0119 0x1804 sppuinotify - ok
23:21:03.0197 0x1804 [ E3E187646E491A8175F759A465A9B767, D1867FD304A1420C2D5B9B01B4EADF1C899E75D8E257A731EA9299FE2CF49120 ] SPUVCbv C:\windows\system32\Drivers\SPUVCbv_x64.sys
23:21:03.0244 0x1804 SPUVCbv - ok
23:21:03.0275 0x1804 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
23:21:03.0291 0x1804 srv - ok
23:21:03.0307 0x1804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
23:21:03.0322 0x1804 srv2 - ok
23:21:03.0338 0x1804 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
23:21:03.0338 0x1804 srvnet - ok
23:21:03.0385 0x1804 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:21:03.0447 0x1804 SSDPSRV - ok
23:21:03.0463 0x1804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
23:21:03.0494 0x1804 SstpSvc - ok
23:21:03.0541 0x1804 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
23:21:03.0572 0x1804 ssudmdm - ok
23:21:03.0665 0x1804 [ 78AA0311C611F2537ACD4DD3C839E83D, 2E597D2F507AAA398AD0AE5D9A34794249DCBA00E391284F89BA91A16C82F957 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
23:21:03.0697 0x1804 STacSV - ok
23:21:03.0728 0x1804 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
23:21:03.0743 0x1804 stexstor - ok
23:21:03.0775 0x1804 [ 9F21BBDA0227A08C86175C2AB5F17F70, 0077CD130DFB69C236823EFED495E1D74D8368DD34C5EE6A8435FEADA4F9EB94 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
23:21:03.0806 0x1804 STHDA - ok
23:21:03.0837 0x1804 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
23:21:03.0853 0x1804 stisvc - ok
23:21:03.0868 0x1804 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\windows\system32\drivers\vmstorfl.sys
23:21:03.0884 0x1804 storflt - ok
23:21:03.0915 0x1804 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\windows\system32\storsvc.dll
23:21:03.0931 0x1804 StorSvc - ok
23:21:03.0962 0x1804 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\windows\system32\drivers\storvsc.sys
23:21:03.0993 0x1804 storvsc - ok
23:21:04.0009 0x1804 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
23:21:04.0009 0x1804 swenum - ok
23:21:04.0071 0x1804 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
23:21:04.0118 0x1804 swprv - ok
23:21:04.0196 0x1804 [ 2CD7E4392A5E98FA1281B22F62A48E04, 6C0B0436C4BC2B083CEA0E22726A8855AF5FFD63FB9EF32CD82960AA9BEE0BE6 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
23:21:04.0227 0x1804 SynTP - ok
23:21:04.0289 0x1804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
23:21:04.0336 0x1804 SysMain - ok
23:21:04.0352 0x1804 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
23:21:04.0352 0x1804 TabletInputService - ok
23:21:04.0383 0x1804 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
23:21:04.0414 0x1804 TapiSrv - ok
23:21:04.0430 0x1804 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
23:21:04.0461 0x1804 TBS - ok
23:21:04.0523 0x1804 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
23:21:04.0570 0x1804 Tcpip - ok
23:21:04.0617 0x1804 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
23:21:04.0664 0x1804 TCPIP6 - ok
23:21:04.0695 0x1804 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
23:21:04.0711 0x1804 tcpipreg - ok
23:21:04.0742 0x1804 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
23:21:04.0773 0x1804 TDPIPE - ok
23:21:04.0789 0x1804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
23:21:04.0804 0x1804 TDTCP - ok
23:21:04.0851 0x1804 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
23:21:04.0882 0x1804 tdx - ok
23:21:04.0898 0x1804 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
23:21:04.0913 0x1804 TermDD - ok
23:21:04.0976 0x1804 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
23:21:05.0007 0x1804 TermService - ok
23:21:05.0023 0x1804 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
23:21:05.0038 0x1804 Themes - ok
23:21:05.0054 0x1804 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
23:21:05.0085 0x1804 THREADORDER - ok
23:21:05.0116 0x1804 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\windows\system32\drivers\tpm.sys
23:21:05.0132 0x1804 TPM - ok
23:21:05.0163 0x1804 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
23:21:05.0210 0x1804 TrkWks - ok
23:21:05.0257 0x1804 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:21:05.0288 0x1804 TrustedInstaller - ok
23:21:05.0319 0x1804 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
23:21:05.0335 0x1804 tssecsrv - ok
23:21:05.0381 0x1804 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
23:21:05.0397 0x1804 TsUsbFlt - ok
23:21:05.0413 0x1804 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
23:21:05.0428 0x1804 TsUsbGD - ok
23:21:05.0491 0x1804 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
23:21:05.0522 0x1804 tunnel - ok
23:21:05.0553 0x1804 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
23:21:05.0553 0x1804 uagp35 - ok
23:21:05.0584 0x1804 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
23:21:05.0615 0x1804 udfs - ok
23:21:05.0647 0x1804 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
23:21:05.0662 0x1804 UI0Detect - ok
23:21:05.0693 0x1804 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
23:21:05.0709 0x1804 uliagpkx - ok
23:21:05.0740 0x1804 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
23:21:05.0756 0x1804 umbus - ok
23:21:05.0787 0x1804 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
23:21:05.0803 0x1804 UmPass - ok
23:21:05.0834 0x1804 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\windows\System32\umrdp.dll
23:21:05.0849 0x1804 UmRdpService - ok
23:21:05.0927 0x1804 [ 25F4EFE9D0624C7C7B0EC823DE901BF3, 4B7E4E2D2A25EC9B1AE20863357CD1F7FA3EB073ABCB3F31DB230B5192C9FC4D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:21:05.0959 0x1804 UNS - ok
23:21:05.0990 0x1804 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
23:21:06.0021 0x1804 upnphost - ok
23:21:06.0052 0x1804 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
23:21:06.0068 0x1804 usbaudio - ok
23:21:06.0099 0x1804 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
23:21:06.0130 0x1804 usbccgp - ok
23:21:06.0146 0x1804 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
23:21:06.0161 0x1804 usbcir - ok
23:21:06.0193 0x1804 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
23:21:06.0224 0x1804 usbehci - ok
23:21:06.0255 0x1804 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
23:21:06.0286 0x1804 usbhub - ok
23:21:06.0302 0x1804 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
23:21:06.0317 0x1804 usbohci - ok
23:21:06.0333 0x1804 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
23:21:06.0349 0x1804 usbprint - ok
23:21:06.0380 0x1804 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
23:21:06.0395 0x1804 usbscan - ok
23:21:06.0427 0x1804 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
23:21:06.0458 0x1804 USBSTOR - ok
23:21:06.0473 0x1804 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
23:21:06.0489 0x1804 usbuhci - ok
23:21:06.0520 0x1804 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
23:21:06.0551 0x1804 usbvideo - ok
23:21:06.0583 0x1804 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
23:21:06.0614 0x1804 UxSms - ok
23:21:06.0629 0x1804 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\windows\system32\lsass.exe
23:21:06.0629 0x1804 VaultSvc - ok
23:21:06.0754 0x1804 [ EF3BD2119454883B0D5463AD5327DD10, 3A9BE7DFAFA11F6DDD0E2BC9AF461CD14EE2C9480551661D8BF4BB6F348C34A6 ] vcsFPService C:\windows\system32\vcsFPService.exe
23:21:06.0801 0x1804 vcsFPService - ok
23:21:06.0832 0x1804 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
23:21:06.0832 0x1804 vdrvroot - ok
23:21:06.0879 0x1804 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
23:21:06.0910 0x1804 vds - ok
23:21:06.0941 0x1804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
23:21:06.0957 0x1804 vga - ok
23:21:06.0973 0x1804 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
23:21:06.0988 0x1804 VgaSave - ok
23:21:07.0019 0x1804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
23:21:07.0019 0x1804 vhdmp - ok
23:21:07.0066 0x1804 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
23:21:07.0082 0x1804 viaide - ok
23:21:07.0113 0x1804 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\windows\system32\drivers\vmbus.sys
23:21:07.0129 0x1804 vmbus - ok
23:21:07.0144 0x1804 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
23:21:07.0160 0x1804 VMBusHID - ok
23:21:07.0207 0x1804 VMCService - ok
23:21:07.0222 0x1804 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
23:21:07.0238 0x1804 volmgr - ok
23:21:07.0269 0x1804 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
23:21:07.0285 0x1804 volmgrx - ok
23:21:07.0316 0x1804 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
23:21:07.0316 0x1804 volsnap - ok
23:21:07.0363 0x1804 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
23:21:07.0363 0x1804 vsmraid - ok
23:21:07.0425 0x1804 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
23:21:07.0487 0x1804 VSS - ok
23:21:07.0503 0x1804 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
23:21:07.0519 0x1804 vwifibus - ok
23:21:07.0534 0x1804 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
23:21:07.0534 0x1804 vwififlt - ok
23:21:07.0581 0x1804 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
23:21:07.0597 0x1804 vwifimp - ok
23:21:07.0643 0x1804 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
23:21:07.0675 0x1804 W32Time - ok
23:21:07.0690 0x1804 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
23:21:07.0706 0x1804 WacomPen - ok
23:21:07.0753 0x1804 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
23:21:07.0784 0x1804 WANARP - ok
23:21:07.0784 0x1804 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
23:21:07.0799 0x1804 Wanarpv6 - ok
23:21:07.0877 0x1804 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
23:21:07.0924 0x1804 wbengine - ok
23:21:07.0940 0x1804 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
23:21:07.0955 0x1804 WbioSrvc - ok
23:21:07.0987 0x1804 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
23:21:08.0002 0x1804 wcncsvc - ok
23:21:08.0018 0x1804 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
23:21:08.0033 0x1804 WcsPlugInService - ok
23:21:08.0049 0x1804 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
23:21:08.0065 0x1804 Wd - ok
23:21:08.0111 0x1804 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
23:21:08.0127 0x1804 Wdf01000 - ok
23:21:08.0174 0x1804 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
23:21:08.0189 0x1804 WdiServiceHost - ok
23:21:08.0189 0x1804 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
23:21:08.0205 0x1804 WdiSystemHost - ok
23:21:08.0236 0x1804 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
23:21:08.0252 0x1804 WebClient - ok
23:21:08.0267 0x1804 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
23:21:08.0299 0x1804 Wecsvc - ok
23:21:08.0299 0x1804 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
23:21:08.0330 0x1804 wercplsupport - ok
23:21:08.0361 0x1804 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
23:21:08.0377 0x1804 WerSvc - ok
23:21:08.0408 0x1804 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
23:21:08.0439 0x1804 WfpLwf - ok
23:21:08.0455 0x1804 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
23:21:08.0455 0x1804 WIMMount - ok
23:21:08.0486 0x1804 WinDefend - ok
23:21:08.0486 0x1804 WinHttpAutoProxySvc - ok
23:21:08.0548 0x1804 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
23:21:08.0595 0x1804 Winmgmt - ok
23:21:08.0704 0x1804 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
23:21:08.0751 0x1804 WinRM - ok
23:21:08.0813 0x1804 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\windows\system32\DRIVERS\WinUsb.sys
23:21:08.0829 0x1804 WinUSB - ok
23:21:08.0907 0x1804 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
23:21:08.0923 0x1804 Wlansvc - ok
23:21:08.0954 0x1804 [ 2107201D4B0D471B20FA62C8BBE3143F, 0CCC16ECD538437616C1E512CA89A75D74F9409D50578C852AC5E2120FF842E1 ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
23:21:08.0969 0x1804 wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
23:21:11.0341 0x1804 Detect skipped due to KSN trusted
23:21:11.0341 0x1804 wltrysvc - ok
23:21:11.0403 0x1804 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
23:21:11.0419 0x1804 WmiAcpi - ok
23:21:11.0465 0x1804 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
23:21:11.0481 0x1804 wmiApSrv - ok
23:21:11.0512 0x1804 WMPNetworkSvc - ok
23:21:11.0543 0x1804 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
23:21:11.0543 0x1804 WPCSvc - ok
23:21:11.0575 0x1804 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
23:21:11.0590 0x1804 WPDBusEnum - ok
23:21:11.0606 0x1804 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
23:21:11.0653 0x1804 ws2ifsl - ok
23:21:11.0668 0x1804 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
23:21:11.0684 0x1804 wscsvc - ok
23:21:11.0684 0x1804 WSearch - ok
23:21:11.0793 0x1804 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\windows\system32\wuaueng.dll
23:21:11.0871 0x1804 wuauserv - ok
23:21:11.0902 0x1804 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
23:21:11.0918 0x1804 WudfPf - ok
23:21:11.0949 0x1804 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
23:21:11.0949 0x1804 WUDFRd - ok
23:21:11.0980 0x1804 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
23:21:11.0996 0x1804 wudfsvc - ok
23:21:12.0011 0x1804 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
23:21:12.0027 0x1804 WwanSvc - ok
23:21:12.0058 0x1804 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbmdm6k C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
23:21:12.0074 0x1804 ZTEusbmdm6k - ok
23:21:12.0105 0x1804 [ 9E74E0D096F8023A68A262A012153182, 133EE39960D9F9E7A24566B5784E8E247ABC0F127CAC7AFA1CF5A4E2C9CC7A9F ] ZTEusbnet C:\windows\system32\DRIVERS\ZTEusbnet.sys
23:21:12.0121 0x1804 ZTEusbnet - ok
23:21:12.0152 0x1804 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbnmea C:\windows\system32\DRIVERS\ZTEusbnmea.sys
23:21:12.0152 0x1804 ZTEusbnmea - ok
23:21:12.0183 0x1804 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbser6k C:\windows\system32\DRIVERS\ZTEusbser6k.sys
23:21:12.0199 0x1804 ZTEusbser6k - ok
23:21:12.0245 0x1804 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbvoice C:\windows\system32\DRIVERS\ZTEusbvoice.sys
23:21:12.0261 0x1804 ZTEusbvoice - ok
23:21:12.0292 0x1804 ================ Scan global ===============================
23:21:12.0308 0x1804 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
23:21:12.0355 0x1804 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\windows\system32\winsrv.dll
23:21:12.0370 0x1804 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\windows\system32\winsrv.dll
23:21:12.0401 0x1804 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
23:21:12.0448 0x1804 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
23:21:12.0464 0x1804 [ Global ] - ok
23:21:12.0464 0x1804 ================ Scan MBR ==================================
23:21:12.0479 0x1804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:21:13.0306 0x1804 \Device\Harddisk0\DR0 - ok
23:21:13.0322 0x1804 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR25
23:21:13.0493 0x1804 \Device\Harddisk2\DR25 - ok
23:21:13.0509 0x1804 ================ Scan VBR ==================================
23:21:13.0509 0x1804 [ F1E8AC97A8ACAE45B57D91BC4DD41B8A ] \Device\Harddisk0\DR0\Partition1
23:21:13.0509 0x1804 \Device\Harddisk0\DR0\Partition1 - ok
23:21:13.0525 0x1804 [ 7C2DDF87CFBB1181D4A514A78A6A9F7D ] \Device\Harddisk0\DR0\Partition2
23:21:13.0525 0x1804 \Device\Harddisk0\DR0\Partition2 - ok
23:21:13.0556 0x1804 [ 04B0C4EB2E11B734294B83D7340A30EC ] \Device\Harddisk0\DR0\Partition3
23:21:13.0556 0x1804 \Device\Harddisk0\DR0\Partition3 - ok
23:21:13.0571 0x1804 [ 54E807C4A84916D1C467FCDF1ADF96D0 ] \Device\Harddisk0\DR0\Partition4
23:21:13.0618 0x1804 \Device\Harddisk0\DR0\Partition4 - ok
23:21:13.0618 0x1804 [ FB284EF16D99F4ECD5B3540596DF8403 ] \Device\Harddisk2\DR25\Partition1
23:21:13.0618 0x1804 \Device\Harddisk2\DR25\Partition1 - ok
23:21:13.0618 0x1804 ================ Scan generic autorun ======================
23:21:13.0696 0x1804 [ B2C7F6295BBCA3DB364B9C858E131872, 1C2C22F2FA391D6CDD2BFFA7E25C9E0D54E0A6B76560F294767BF644FFC4B229 ] C:\Program Files\IDT\WDM\sttray64.exe
23:21:13.0743 0x1804 SysTrayApp - ok
23:21:13.0821 0x1804 [ BD4FA01BE032F4A5B1B332A80F102F11, A62581D1DADCA288996AE154134D2185A02A8E393B412F634F6F9C6F27ECDB9F ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
23:21:13.0821 0x1804 HPPowerAssistant - ok
23:21:14.0024 0x1804 [ 4EC5E852A5E67B33966614A9B2C56D95, B2878AC44303CAB9A532D83E4F030238EAA9E2D133BA2C3F100B5206E9FE1423 ] C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
23:21:14.0117 0x1804 HP Color LaserJet CM2320 MFP Series Fax - detected UnsignedFile.Multi.Generic ( 1 )
23:21:16.0551 0x1804 Detect skipped due to KSN trusted
23:21:16.0551 0x1804 HP Color LaserJet CM2320 MFP Series Fax - ok
23:21:16.0613 0x1804 [ 61B7500B1B04ED5DA31B8CECE90D1225, 2DA1E64BAD56C42BD9AF19D88CF5A65D0C03F6AA483F588B9A89524549EA6DA4 ] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
23:21:16.0645 0x1804 HPConnectionManager - ok
23:21:16.0676 0x1804 [ DC0C9FF05135876384A1F02A987C9229, 7F6DEE51F383FAA492AF7F04B057C21E8CDA9C27D6464D3FFD8858CAAF467E79 ] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
23:21:16.0707 0x1804 QLBController - ok
23:21:17.0035 0x1804 [ 013789E5EBE3A33D5A2DEEBC5C604E76, 78F0A7A58BFA14836345E5B7BE3BB8335B6F5BC0956FEA4CCB8DC4FC70093887 ] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
23:21:17.0409 0x1804 File Sanitizer - ok
23:21:17.0549 0x1804 [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4, CD89A31004E3E5A3253554CABF70B89D4F2FCBC40161FFA9E633CD85261A2769 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:21:17.0581 0x1804 Adobe ARM - ok
23:21:17.0643 0x1804 SunJavaUpdateSched - ok
23:21:17.0737 0x1804 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:21:17.0799 0x1804 Sidebar - ok
23:21:17.0815 0x1804 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:21:17.0846 0x1804 mctadmin - ok
23:21:17.0861 0x1804 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:21:17.0893 0x1804 Sidebar - ok
23:21:17.0908 0x1804 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:21:17.0908 0x1804 mctadmin - ok
23:21:17.0924 0x1804 Waiting for KSN requests completion. In queue: 26
23:21:18.0938 0x1804 Waiting for KSN requests completion. In queue: 26
23:21:19.0952 0x1804 Waiting for KSN requests completion. In queue: 26
23:21:20.0997 0x1804 AV detected via SS2: ESET Smart Security 9.0.381.1, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.376.0 ), 0x41000 ( enabled : updated )
23:21:20.0997 0x1804 FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.376.0 ), 0x41010 ( enabled )
23:21:23.0462 0x1804 ============================================================
23:21:23.0462 0x1804 Scan finished
23:21:23.0462 0x1804 ============================================================
23:21:23.0477 0x0b4c Detected object count: 0
23:21:23.0477 0x0b4c Actual detected object count: 0
|
|
09.07.2016, 21:08
| #5 | |
| /// TB-Ausbilder | Frühjahrsputz ? !Zitat:
 Im Anschluss daran können wir loslegen... (Rechner ist noch nicht sauber).... |
|
09.07.2016, 21:31
| #6 |
| | Frühjahrsputz ? ! Hm. Davon habe ich gar kein Logfile gesehen. Im ESET-Verzeichnis sind nur in der Qarantäne 49 NQF-Dateien.  |
|
09.07.2016, 21:37
| #7 |
| /// TB-Ausbilder | Frühjahrsputz ? ! Servus, ok, dann fangen wir so an: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
10.07.2016, 08:37
| #8 |
| | Frühjahrsputz ? ! Also hier die ADCleaner.txt Code:
ATTFilter # AdwCleaner v5.201 - Bericht erstellt am 10/07/2016 um 08:06:56
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-09.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Mas - MAS-HP
# Gestartet von : C:\Users\Mas\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPlayer
[#] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPlayer
[-] Ordner gelöscht : C:\Program Files (x86)\DriverWhiz
[-] Ordner gelöscht : C:\Program Files (x86)\jfilemanager
[-] Ordner gelöscht : C:\Program Files (x86)\Tweaks
[-] Ordner gelöscht : C:\Program Files (x86)\VideoPlayer
[#] Ordner gelöscht : C:\Program Files (x86)\JFileManager
[#] Ordner gelöscht : C:\Program Files (x86)\VideoPlayer
[-] Ordner gelöscht : C:\Users\Mas\AppData\Local\Temp\OCS
[-] Ordner gelöscht : C:\Users\Mas\AppData\Roaming\1H1Q
[-] Ordner gelöscht : C:\Users\Mas\AppData\Roaming\DealPly
[-] Ordner gelöscht : C:\Program Files\Uninstaller
***** [ Dateien ] *****
[-] Datei gelöscht : C:\windows\SysNative\drivers\netfilter64.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe gelöscht : Dealply
[-] Geplante Aufgabe gelöscht : DealPly
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Applications\iLividSetup_D-r429-t-bf.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Wert gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Schlüssel gelöscht : HKCU\Software\distromatic
[-] Schlüssel gelöscht : HKCU\Software\DriverWhiz
[-] Schlüssel gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel gelöscht : HKCU\Software\InstalledThirdPartyPrograms
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\JFileManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\VideoPlayer
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks FileOpener
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPlayer
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\CouponDownloader
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{98198916-D35F-427E-98AF-2CBE45B48F1A}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{78DCC148-34C5-4F57-8238-266B4C421FA7}]
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\iLivid
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Optimizer Pro
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\IePluginServices
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\rqpbhevlkc64
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WajamUpdaterV3
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm
***** [ Internetbrowser ] *****
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.crossrider.bic", "14219eae5eba28a7ba9abde1f90840f2");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.Visibility", true);
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.downloadprovider", "tuguucr");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.installationid", "0835c2e9-9075-6cb0-a41d-a136f1e4a0ce");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.installdate", "02/11/2013");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.helperbar.publisher", "tuguu");
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js] gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7461 Bytes] - [10/07/2016 08:06:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [7868 Bytes] - [10/07/2016 08:04:28]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7607 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 10.07.2016 Suchlaufzeit: 08:15 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.07.10.02 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Mas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 326942 Abgelaufene Zeit: 23 Min., 11 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 15 PUP.Optional.Lyrics, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\SuperLyrics-16, In Quarantäne, [203a0022099180b69cc07138907347b9], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5AB29-75CA-4850-A0FD-245FE8546F62}, In Quarantäne, [500a3ce6dac00b2b4f2af8a7da29d828], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19086A2E-44AE-4772-B8C1-87A1A9ECEA21}, In Quarantäne, [114933ef0e8c48ee4f2a920d3ac956aa], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D800FDE-6609-451D-9FAD-64BD6E8B4746}, In Quarantäne, [99c1b76b4a5056e05227bee1c93a06fa], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4575AB-36A8-4EA6-B8E9-C3883D51FDCF}, In Quarantäne, [5bff4ed42674f93d98e016890cf746ba], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{50473079-F46D-44A5-96B1-1D35C183D7CF}, In Quarantäne, [104a34ee980280b6a8d0a5fac83ba55b], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EF802BE-EF86-43F5-8067-4936C022D36A}, In Quarantäne, [1d3d6db5841637fffc7cf8a7d1321ce4], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F508DC6-1484-4E08-A622-9DD393F099C0}, In Quarantäne, [80dad64c722850e67bfecbd432d1c040], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD24F852-9D76-4B2A-A6E5-671FDE5B517D}, In Quarantäne, [104a59c9891166d0d0a8c8d78380b848], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2041DD1-320D-44FF-BE29-6B55B6461BDE}, In Quarantäne, [01595fc34357a88eea8ff0af7b8840c0], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B56B62F4-36A6-4D58-97D7-AB5617E8E6B8}, In Quarantäne, [94c65fc33e5c999dde9b574854af7f81], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BBB0ED90-8A6D-4870-80B8-8BEE73C92FE3}, In Quarantäne, [71e9ca58b9e18caa483038678b78da26], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB08ED3D-E766-4879-A4B0-5D8ACB1B6D64}, In Quarantäne, [3b1fe53de2b8979fec8cf7a8db28e719], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0898125-E724-40A9-8384-6821929CAD10}, In Quarantäne, [08521e04128860d680f9633c0df6817f], PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8D94377-8AD5-4732-BE9F-201F76E6B397}, In Quarantäne, [e47632f05f3b072f81f8346bb44fe11f], Registrierungswerte: 14 PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16C5AB29-75CA-4850-A0FD-245FE8546F62}|AppName, SuperLyrics-16-enabler.exe-codedownloader.exe, In Quarantäne, [500a3ce6dac00b2b4f2af8a7da29d828] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{19086A2E-44AE-4772-B8C1-87A1A9ECEA21}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [114933ef0e8c48ee4f2a920d3ac956aa] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D800FDE-6609-451D-9FAD-64BD6E8B4746}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [99c1b76b4a5056e05227bee1c93a06fa] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2D4575AB-36A8-4EA6-B8E9-C3883D51FDCF}|AppName, Plus-HD-1.3-enabler.exe-buttonutil.exe, In Quarantäne, [5bff4ed42674f93d98e016890cf746ba] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{50473079-F46D-44A5-96B1-1D35C183D7CF}|AppName, Plus-HD-1.3-enabler.exe-buttonutil.exe, In Quarantäne, [104a34ee980280b6a8d0a5fac83ba55b] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EF802BE-EF86-43F5-8067-4936C022D36A}|AppName, SuperLyrics-16-enabler.exe-buttonutil.exe, In Quarantäne, [1d3d6db5841637fffc7cf8a7d1321ce4] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F508DC6-1484-4E08-A622-9DD393F099C0}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [80dad64c722850e67bfecbd432d1c040] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD24F852-9D76-4B2A-A6E5-671FDE5B517D}|AppName, Plus-HD-1.3-enabler.exe-buttonutil.exe, In Quarantäne, [104a59c9891166d0d0a8c8d78380b848] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2041DD1-320D-44FF-BE29-6B55B6461BDE}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [01595fc34357a88eea8ff0af7b8840c0] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B56B62F4-36A6-4D58-97D7-AB5617E8E6B8}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [94c65fc33e5c999dde9b574854af7f81] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BBB0ED90-8A6D-4870-80B8-8BEE73C92FE3}|AppName, Plus-HD-1.3-enabler.exe-buttonutil.exe, In Quarantäne, [71e9ca58b9e18caa483038678b78da26] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB08ED3D-E766-4879-A4B0-5D8ACB1B6D64}|AppName, Plus-HD-1.3-enabler.exe-buttonutil.exe, In Quarantäne, [3b1fe53de2b8979fec8cf7a8db28e719] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0898125-E724-40A9-8384-6821929CAD10}|AppName, Plus-HD-1.3-enabler.exe-codedownloader.exe, In Quarantäne, [08521e04128860d680f9633c0df6817f] PUP.Optional.CrossRider, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8D94377-8AD5-4732-BE9F-201F76E6B397}|AppName, SuperLyrics-16-enabler.exe-codedownloader.exe, In Quarantäne, [e47632f05f3b072f81f8346bb44fe11f] Registrierungsdaten: 4 PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013),Ersetzt,[6feb49d96c2ea393ec0ced8b8381fd03] PUP.Optional.SnapDo, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013),Ersetzt,[372360c2dac0f640af47294f61a3b749] PUP.Optional.SnapDo, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013),Ersetzt,[4b0fae74ff9bb58104f278005ca81ae6] PUP.Optional.SnapDo, HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&q={searchTerms}&installDate=02/11/2013),Ersetzt,[332748da8a10bb7b1bdcf484887c50b0] Ordner: 17 Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [b4a637eb7f1b181e34346335ce341de3], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Aartemis, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Dealply, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Feven DE, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\HDplus, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Lollipop, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\MyBackupPc, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\OptimizerPro, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\PlusHD shopping, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Qone8, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\SaltarSmart, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\SpeedUpMyPc, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Wajam, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], Dateien: 117 PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\iLivid.exe, In Quarantäne, [5cfe34ee7c1e89ad673a32667e86d22e], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\libeay32.dll, In Quarantäne, [eb6ff2308a107abc554ca7f146be8b75], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\msvcp100.dll, In Quarantäne, [73e7ae74940624124c557325ea1a7888], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\msvcr100.dll, In Quarantäne, [89d138ea2179979f346d910736cedc24], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\python27.dll, In Quarantäne, [65f58d950595171f346d8315669e7c84], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\QtCore4.dll, In Quarantäne, [8cced64cc5d556e07d247f195da77888], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\QtGui4.dll, In Quarantäne, [2436140e54460f27752c692f9a6ae21e], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\QtNetwork4.dll, In Quarantäne, [90caea3888122e086839a7f1b15321df], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\QtWebKit4.dll, In Quarantäne, [0b4f78aaf6a4f343b9e8732553b1fd03], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\QtXml4.dll, In Quarantäne, [0753af739ffba492dbc60494a75d7090], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2856982752-327615534-2607958787-1001\$RR81W7M\ssleay32.dll, In Quarantäne, [fc5e80a2d7c396a04f52b9dfea1ad62a], PUP.Optional.CouponDownloader, C:\Users\Mas\AppData\Local\Temp\nsfE583.tmp.exe, In Quarantäne, [2535be64efabf04654a8a17ff90727d9], Trojan.Dropper.NS, C:\Users\Mas\AppData\Local\Temp\is1242154493\257202203_stp.EXE, In Quarantäne, [db7f64be1c7e88ae9954f33fc242a15f], PUP.Optional.CouponDownloader, C:\Users\Mas\AppData\Local\Temp\is1242154493\257202546_stp\coupondownloader.exe, In Quarantäne, [3c1e968c237752e4898fa09efa0a3ac6], PUP.Optional.V9, C:\Users\Mas\AppData\Local\Temp\794138237\794138237.zipDir\qSE.exe, In Quarantäne, [c39780a25e3c1d19b0dad179946c7d83], PUP.Optional.APNToolBar, C:\Users\Mas\AppData\Local\TempDIR\Offercast2821_NDV_.exe, In Quarantäne, [da808c96e1b9e74f9c396ebbea17a759], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\bin.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Aartemis\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position2A.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\aartemis.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\base.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\dealply.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\dosearches.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\feven.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\hdplus.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\lollipop.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\mypcbackup.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\optimizerpro.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position1A.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position2B.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position2C.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position3A.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position3B.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position3C.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position3D.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\position4A.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\saltarsmart.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\speedupmypc.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\style.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\wajam.css, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\dealply-logo2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-vafmusic.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\bg_app.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\boton.jpg, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\boton_xl.jpg, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\bullet-short.gif, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\bullet-shortw.gif, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\bullet.gif, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\butpause.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\butplay.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\check-close.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\check.jpg, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\check.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\cross.jpg, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\dealply-logo-gris.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\dealply-logo.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\progress.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\progress_small.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\progress_small_bg.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-geaudioconverter.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-gevideoconverter.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-ifish.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-miul.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-olivebrowser.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-printpdf.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-vafplayer.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\screen-zipper.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\show.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\speedupmypc-icon.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\speedupmypc-img.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\speedupmypc-img2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\speedupmypc-logo.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\speedupmypc-logo2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-big.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img1-gris.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img1-small.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img1.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img1a.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img2-gris-small.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img2-gris.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-img2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-logo.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-logo2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\wajam-logo3.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\hide.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\less.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\logo-win.jpg, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\lollipop-img.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\lollipop-logo-big.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\lollipop-logo.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\lollipop-logo2.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\more.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\mypcbackup.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\optimizerpro-img.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\optimizerpro-logo-big.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\optimizerpro-logo.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\css\images\percentage-bg.png, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Dealply\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\box.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\close.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\finish.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\group.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\instalando.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\options.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\exe\welcome.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Feven DE\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\HDplus\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Lollipop\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\MyBackupPc\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\OptimizerPro\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\PlusHD shopping\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Qone8\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\SaltarSmart\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\SpeedUpMyPc\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.BundleInstaller, C:\Users\Mas\AppData\Local\Temp\DM\bin\Wajam\info.html, In Quarantäne, [2b2f73af9cfe67cf3906f1be8a7818e8], PUP.Optional.CrossRider, C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "14219eae5eba28a7ba9abde1f90840f2");), Ersetzt,[7bdfba682773f6409de686138e764cb4] PUP.Optional.SnapDo, C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&installDate=02/11/2013&q=");), Ersetzt,[6bef4dd5009ab1852adf6f2b18ec53ad] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64
Ran by Mas (Administrator) on 10.07.2016 at 9:28:47,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 18
Successfully deleted: C:\Users\Mas\AppData\Local\tempdir (Folder)
Successfully deleted: C:\Program Files\004 (Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E93304AY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUZ7C3HW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I63F7OTC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Mas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVLV21P1 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E93304AY (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUZ7C3HW (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I63F7OTC (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVLV21P1 (Temporary Internet Files Folder)
Deleted the following from C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\prefs.js
user_pref(browser.newtabpage.pinned, [null,{\url\:\hxxp://www.tvtv.de/\,\title\:\tvtv.de – Alles andere ist nur Fernsehen | Startseite\},{\url\:\hxxps://startp
user_pref(extensions.crossrider.bic, 14219eae5eba28a7ba9abde1f90840f2);
user_pref(extensions.helperbar.publisher, tuguu);
user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
user_pref(keyword.URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&installDate=02/11/2013&q=);
Registry: 4
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.07.2016 at 9:31:35,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
10.07.2016, 08:40
| #9 |
| | Frühjahrsputz ? ! dann das frst.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
durchgeführt von Mas (Administrator) auf MAS-HP (10-07-2016 09:36:34)
Gestartet von C:\Users\Mas\Desktop
Geladene Profile: Mas (Verfügbare Profile: Mas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-06-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_91\bin\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f6733d-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f67348-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f673d0-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea2-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea4-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {450e1c20-c110-11e5-8c8e-2c44fd692798} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {6937a26d-45bd-11e3-88f5-70188b893308} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1d-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1f-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f77-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {bd336851-00a4-11e4-9f7f-2c44fd692798} - H:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9EB9DEE5-35FA-454D-AF55-7F07AF53ECF4}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2856982752-327615534-2607958787-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default
FF DefaultSearchEngine: Google Images
FF SelectedSearchEngine: Google Images
FF Homepage: hxxps://de.nachrichten.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2856982752-327615534-2607958787-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Mas\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mas\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Extension: Download Tab - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2016-06-19]
FF Extension: Avira Browser Safety - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\abs@avira.com [2014-11-06] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-16]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon => nicht gefunden
FF HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\cliqz@cliqz.com => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Mas\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2519904 2016-04-13] (ESET)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S4 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
S4 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5858304 2013-10-07] (Broadcom Corporation) [Datei ist nicht signiert]
S2 VMCService; "C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-05-12] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-05-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2016-05-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2016-05-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53384 2016-05-12] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-05-12] (ESET)
R3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [29240 2015-10-28] (Hewlett Packard)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Spfd; C:\Windows\System32\DRIVERS\Spfd.sys [11336 2014-11-21] (Safend Ltd.)
S0 SpfdBus; C:\Windows\System32\DRIVERS\SpfdBus.sys [11336 2014-11-21] (Safend Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-10 09:36 - 2016-07-10 09:36 - 00000000 ____D C:\Users\Mas\Desktop\FRST-OlderVersion
2016-07-10 09:31 - 2016-07-10 09:31 - 00004422 _____ C:\Users\Mas\Desktop\JRT.txt
2016-07-10 09:28 - 2016-07-10 09:28 - 01610560 _____ (Malwarebytes) C:\Users\Mas\Desktop\JRT.exe
2016-07-10 09:26 - 2016-07-10 09:26 - 00030157 _____ C:\Users\Mas\Desktop\mbam.txt
2016-07-10 08:14 - 2016-07-10 09:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 08:13 - 2016-07-10 08:13 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-07-10 08:13 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-07-10 08:13 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-07-10 08:13 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-07-10 08:12 - 2016-07-10 08:12 - 22851472 _____ (Malwarebytes ) C:\Users\Mas\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-10 08:01 - 2016-07-10 08:06 - 00000000 ___DC C:\AdwCleaner
2016-07-10 08:00 - 2016-07-10 08:00 - 03712064 _____ C:\Users\Mas\Desktop\AdwCleaner_5.201.exe
2016-07-09 14:43 - 2016-07-09 14:43 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-07-09 13:37 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-09 13:37 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-09 12:25 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-07-09 12:25 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-07-09 12:25 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-07-09 12:25 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-07-09 12:25 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-07-09 12:25 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-07-09 12:25 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-07-09 12:25 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-07-09 12:22 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-07-09 12:22 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-07-09 12:22 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-07-09 12:22 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-07-09 12:22 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-07-09 12:22 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-07-09 12:22 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-07-09 12:21 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-07-09 12:21 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-07-09 12:21 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-07-09 12:21 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-07-09 12:21 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-07-09 12:20 - 2016-05-17 01:22 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-07-09 12:20 - 2016-05-17 01:19 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-07-09 12:20 - 2016-05-17 01:19 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-07-09 12:20 - 2016-05-17 01:19 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-07-09 12:20 - 2016-05-17 01:19 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-07-09 12:20 - 2016-05-17 01:18 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-07-09 12:20 - 2016-05-17 01:18 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-07-09 12:20 - 2016-05-17 01:17 - 01732888 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-07-09 12:20 - 2016-05-17 01:16 - 01314136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:23 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-07-09 12:20 - 2016-05-16 23:23 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-07-09 12:20 - 2016-05-16 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-07-09 12:20 - 2016-05-16 23:23 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-07-09 12:20 - 2016-05-16 23:19 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-07-09 12:20 - 2016-05-16 23:19 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-07-09 12:20 - 2016-05-16 23:16 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-07-09 12:20 - 2016-05-16 23:15 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-07-09 12:20 - 2016-05-16 23:15 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-07-09 12:20 - 2016-05-16 23:14 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-07-09 12:20 - 2016-05-16 23:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-07-09 12:20 - 2016-05-16 23:14 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-07-09 12:20 - 2016-05-16 23:10 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-07-09 12:20 - 2016-05-16 23:09 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-07-09 12:20 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-07-09 12:20 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-07-09 12:20 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-07-09 12:20 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-07-09 12:20 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-07-09 12:20 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-07-09 12:20 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-07-09 12:20 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-07-09 12:20 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-07-09 12:20 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-07-09 12:20 - 2016-05-12 19:14 - 00862208 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-07-09 12:20 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-07-09 12:20 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-07-09 12:20 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-07-09 12:20 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-07-09 12:20 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-07-09 12:20 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-07-09 12:20 - 2016-05-04 19:16 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-07-09 12:20 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-07-09 12:20 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-07-09 12:20 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-07-09 12:20 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-07-09 12:20 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-07-09 12:20 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-07-09 12:19 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-07-09 12:19 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-07-09 12:19 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2016-07-09 12:19 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2016-07-09 12:19 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2016-07-09 12:19 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2016-07-09 12:18 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-07-09 12:18 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-07-09 12:18 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-07-09 12:18 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-07-09 12:17 - 2016-02-05 21:03 - 00147904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-07-09 12:17 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-07-09 12:17 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-07-09 12:17 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-07-09 12:17 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-07-09 12:17 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2016-07-09 12:17 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2016-07-09 12:17 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2016-07-09 12:17 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-07-09 12:17 - 2015-12-16 16:38 - 00419928 _____ C:\windows\SysWOW64\locale.nls
2016-07-09 12:17 - 2015-12-16 16:37 - 00419928 _____ C:\windows\system32\locale.nls
2016-07-09 12:17 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-07-09 12:17 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-07-09 12:17 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-07-09 12:17 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-07-09 12:17 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-07-09 12:17 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-07-09 12:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-07-09 12:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-07-09 12:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-07-09 12:16 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-07-09 12:16 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-07-09 12:16 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-07-09 12:16 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-07-09 12:16 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-07-09 12:16 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-07-09 12:16 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-07-09 12:16 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-07-09 12:16 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-07-09 12:16 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-07-09 12:16 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-07-09 12:16 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-07-09 12:16 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-07-09 12:16 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-07-09 12:16 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-07-09 12:16 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-07-09 12:16 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-07-09 12:16 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-07-09 12:16 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01393152 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-07-09 12:16 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-07-09 12:16 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-07-09 12:16 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-07-09 12:16 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-07-09 12:16 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-07-09 12:16 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-07-09 12:16 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-07-09 12:16 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2016-07-09 12:16 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2016-07-09 12:16 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2016-07-09 12:16 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2016-07-09 12:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-07-09 12:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-07-09 12:16 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2016-07-09 12:16 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2016-07-09 12:15 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-07-09 12:15 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-07-09 12:15 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-07-09 12:15 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-07-09 12:15 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-07-09 12:15 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-07-09 12:15 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-07-09 12:15 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-07-09 12:15 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-07-09 12:15 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-07-09 12:15 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-07-09 12:15 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-07-09 12:15 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-07-09 12:15 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-07-09 12:15 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-07-09 12:15 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-07-09 12:15 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-07-09 12:15 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-07-09 12:15 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-07-09 12:15 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-07-09 12:15 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-07-09 12:15 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-07-09 12:15 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-07-09 12:15 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-07-09 12:15 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-07-09 12:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-07-09 12:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-07-09 12:15 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-07-09 12:15 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-07-09 12:15 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-07-09 12:15 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-07-09 12:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-07-09 12:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-07-09 12:15 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-07-09 12:15 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-07-09 12:15 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-07-09 12:15 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-07-09 12:15 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-07-09 12:15 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-07-09 12:15 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-07-09 12:15 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-07-09 12:15 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-07-09 12:15 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-07-09 12:15 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-07-09 12:15 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-07-09 12:15 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-07-09 12:15 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-07-09 12:15 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-07-09 12:15 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-07-09 12:15 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-07-09 12:15 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-07-09 12:15 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-07-09 12:15 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2016-07-09 12:15 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-07-09 12:15 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2016-07-09 12:15 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2016-07-09 12:15 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2016-07-09 12:15 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2016-07-09 12:15 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-07-09 12:15 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-07-09 12:15 - 2015-10-13 18:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2016-07-09 12:15 - 2015-10-13 18:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2016-07-09 12:15 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-07-09 12:15 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-07-09 12:15 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-07-09 12:15 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-07-09 12:15 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-07-09 12:15 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-07-09 12:15 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-07-09 12:15 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2016-07-09 12:15 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2016-07-09 12:15 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2016-07-09 12:15 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-07-09 12:15 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-07-09 12:15 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-07-09 12:15 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-07-09 12:15 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2016-07-09 12:15 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2016-07-09 12:14 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-07-09 12:14 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-07-09 12:14 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-07-09 12:14 - 2015-12-16 00:28 - 17892352 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-07-09 12:14 - 2015-12-16 00:25 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-07-09 12:14 - 2015-12-16 00:21 - 10938368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-07-09 12:14 - 2015-12-16 00:20 - 01388032 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-07-09 12:14 - 2015-12-16 00:20 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-07-09 12:14 - 2015-12-16 00:19 - 02158080 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-07-09 12:14 - 2015-12-16 00:19 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-07-09 12:14 - 2015-12-16 00:18 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-07-09 12:14 - 2015-12-16 00:18 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00579584 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-07-09 12:14 - 2015-12-16 00:18 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2016-07-09 12:14 - 2015-12-16 00:18 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2016-07-09 12:14 - 2015-12-15 23:50 - 01814528 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-07-09 12:14 - 2015-12-15 23:49 - 12388864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-07-09 12:14 - 2015-12-15 23:47 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-07-09 12:14 - 2015-12-15 23:46 - 09753088 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-07-09 12:14 - 2015-12-15 23:45 - 01140224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-07-09 12:14 - 2015-12-15 23:45 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 01804800 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-07-09 12:14 - 2015-12-15 23:44 - 00718848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00424960 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-07-09 12:14 - 2015-12-15 23:44 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-07-09 12:14 - 2015-12-15 23:43 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2016-07-09 12:14 - 2015-12-15 23:43 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2016-07-09 12:14 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-07-09 12:14 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2016-07-09 12:14 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2016-07-09 12:14 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-07-09 12:14 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2016-07-09 12:13 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-07-09 12:13 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-07-09 12:13 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-07-09 12:13 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-07-09 12:13 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2016-07-09 12:13 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2016-07-09 12:12 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-07-09 12:12 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-07-09 11:58 - 2016-03-24 00:40 - 00634432 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-07-09 11:53 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-07-09 11:53 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-07-08 23:18 - 2016-07-08 23:26 - 00232652 ____C C:\TDSSKiller.3.1.0.9_08.07.2016_23.18.30_log.txt
2016-07-08 23:18 - 2016-07-08 23:18 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Mas\Desktop\tdsskiller.exe
2016-07-08 23:16 - 2016-07-08 23:16 - 00050713 _____ C:\Users\Mas\Desktop\Addition.txt
2016-07-08 23:15 - 2016-07-10 09:36 - 00018322 _____ C:\Users\Mas\Desktop\FRST.txt
2016-07-08 23:14 - 2016-07-10 09:36 - 02390016 ____C (Farbar) C:\Users\Mas\Desktop\FRST64.exe
2016-07-08 23:14 - 2016-07-10 09:36 - 00000000 ___DC C:\FRST
2016-07-08 16:06 - 2016-07-08 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-08 13:37 - 2016-07-08 13:37 - 00000000 ____D C:\Users\Mas\AppData\Local\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00002027 _____ C:\Users\Public\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\Program Files\ESET
2016-07-08 13:31 - 2016-07-08 13:31 - 03033760 _____ (ESET) C:\Users\Mas\Downloads\eset_smart_security_live_installer_.exe
2016-07-08 13:25 - 2016-07-08 13:28 - 90601672 _____ (ESET) C:\Users\Mas\Downloads\eav_nt32_enu.exe
2016-07-08 13:24 - 2016-07-08 13:24 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-08 13:13 - 2016-07-08 13:13 - 02870984 _____ (ESET) C:\Users\Mas\Downloads\esetsmartinstaller_deu.exe
2016-07-07 07:58 - 2016-07-07 07:58 - 00000000 ____D C:\ProgramData\firebird
2016-07-07 07:53 - 2016-07-07 07:53 - 00002086 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-07 07:53 - 2016-07-07 07:53 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\Users\Mas\AppData\Roaming\LibreOffice
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-07-07 07:47 - 2016-07-07 07:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-07-07 07:09 - 2016-07-07 07:10 - 221675520 _____ C:\Users\Mas\Downloads\LibreOffice_5.1.4_Win_x86.msi
2016-06-29 13:56 - 2016-07-07 09:15 - 00111837 _____ C:\Users\Mas\Desktop\Rabattübertragungsformular.pdf
2016-06-25 08:28 - 2016-06-25 08:28 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-10 09:28 - 2015-06-23 09:17 - 00001216 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job
2016-07-10 09:20 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 09:20 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-10 09:14 - 2013-04-13 22:35 - 00699666 _____ C:\windows\system32\perfh007.dat
2016-07-10 09:14 - 2013-04-13 22:35 - 00149774 _____ C:\windows\system32\perfc007.dat
2016-07-10 09:14 - 2009-07-14 07:13 - 01620612 _____ C:\windows\system32\PerfStringBackup.INI
2016-07-10 09:14 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-07-10 09:10 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-07-10 08:08 - 2016-01-28 01:57 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForMas.job
2016-07-10 07:50 - 2013-10-25 22:57 - 00003914 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{13949E6C-47E7-40B7-A8DC-8736CCF27255}
2016-07-10 04:28 - 2015-06-23 09:17 - 00001164 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job
2016-07-10 00:27 - 2016-04-01 01:19 - 00003174 _____ C:\windows\System32\Tasks\HPCeeScheduleForMas
2016-07-09 15:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-07-09 14:02 - 2013-12-04 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-09 14:02 - 2013-11-03 09:46 - 00000000 ____D C:\Program Files (x86)\Avira
2016-07-09 14:02 - 2009-07-14 06:45 - 00414944 _____ C:\windows\system32\FNTCACHE.DAT
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\system32\GWX
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\system32\CompatTel
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ____D C:\windows\system32\appraiser
2016-07-09 13:57 - 2013-04-13 22:24 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-09 13:57 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-07-09 13:22 - 2014-06-15 21:33 - 00000000 ____D C:\windows\system32\MRT
2016-07-09 13:16 - 2014-06-15 21:33 - 142482544 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-07-09 12:37 - 2013-04-14 01:02 - 01594892 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-07-09 07:34 - 2014-04-10 12:21 - 00000000 ____D C:\Program Files (x86)\CdFd32
2016-07-08 15:21 - 2014-06-06 11:48 - 00000000 ___DC C:\temp
2016-07-08 12:19 - 2013-11-03 09:50 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Avira
2016-07-08 12:19 - 2013-11-03 09:46 - 00000000 ____D C:\ProgramData\Avira
2016-07-08 12:19 - 2013-10-25 22:58 - 00098488 _____ C:\Users\Mas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-08 12:18 - 2014-11-06 14:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-07 15:08 - 2014-10-31 18:28 - 00000000 ____D C:\Users\Mas\AppData\Local\CutePDF Writer
2016-07-04 00:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-07-01 18:15 - 2014-11-19 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-01 18:14 - 2013-10-26 19:27 - 00000000 ____D C:\Users\Mas\AppData\Local\Thunderbird
2016-06-25 08:28 - 2014-02-13 16:34 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Dropbox
2016-06-21 12:13 - 2010-11-21 05:27 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-10 12:20 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\ActiveMap35.ocx
2014-04-10 12:20 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\AxRegister.exe
2014-04-10 12:20 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files\Cfx32.ocx
2014-04-10 12:20 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files\gdiplus.dll
2014-04-10 12:20 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files\GHLck32.dll
2014-04-10 12:20 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files\Ghret32.dll
2014-04-10 12:20 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\Hfdb32.exe
2014-04-10 12:20 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files\Hfdb32.exe.manifest
2014-04-10 12:20 - 2014-04-10 12:20 - 0002617 _____ () C:\Program Files\Hfdb32.ini
2014-04-10 12:20 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_eng.dll
2014-04-10 12:20 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_ger.dll
2014-04-10 12:20 - 2014-04-10 12:20 - 0001284 _____ () C:\Program Files\Hfinst.log
2014-04-10 12:20 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files\Liesmich.txt
2014-04-10 12:20 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files\LtGeometry10.dll
2014-04-10 12:20 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Ltmapx32.ocx
2014-04-10 12:20 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files\LtPictureHolder.ocx
2014-04-10 12:20 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Lttool32.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files\mfc42.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files\Msvcrt.dll
2014-04-10 12:20 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files\UiHlp32.exe
2014-04-10 12:19 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\ActiveMap35.ocx
2014-04-10 12:18 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\AxRegister.exe
2014-04-10 12:19 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files (x86)\Cfx32.ocx
2014-04-10 12:18 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files (x86)\gdiplus.dll
2014-04-10 12:18 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files (x86)\GHLck32.dll
2014-04-10 12:18 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files (x86)\Ghret32.dll
2014-04-10 12:18 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\Hfdb32.exe
2014-04-10 12:18 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files (x86)\Hfdb32.exe.manifest
2014-04-10 12:18 - 2014-04-10 12:19 - 0002677 _____ () C:\Program Files (x86)\Hfdb32.ini
2014-04-10 12:18 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_eng.dll
2014-04-10 12:18 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_ger.dll
2014-04-10 12:18 - 2014-04-10 12:19 - 0002509 _____ () C:\Program Files (x86)\Hfinst.log
2014-04-10 12:18 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files (x86)\Liesmich.txt
2014-04-10 12:18 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files (x86)\LtGeometry10.dll
2014-04-10 12:19 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Ltmapx32.ocx
2014-04-10 12:19 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files (x86)\LtPictureHolder.ocx
2014-04-10 12:18 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Lttool32.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files (x86)\mfc42.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files (x86)\Msvcrt.dll
2014-04-10 12:18 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files (x86)\UiHlp32.exe
2013-12-01 11:49 - 2015-11-24 13:47 - 0006349 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Mas\AppData\Local\Temp\avgnt.exe
C:\Users\Mas\AppData\Local\Temp\converter.exe
C:\Users\Mas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp589slj.dll
C:\Users\Mas\AppData\Local\Temp\FileSystemView.dll
C:\Users\Mas\AppData\Local\Temp\Java7.exe
C:\Users\Mas\AppData\Local\Temp\libeay32.dll
C:\Users\Mas\AppData\Local\Temp\msvcr120.dll
C:\Users\Mas\AppData\Local\Temp\Setup.exe
C:\Users\Mas\AppData\Local\Temp\sqlite3.dll
C:\Users\Mas\AppData\Local\Temp\uninstall.exe
C:\Users\Mas\AppData\Local\Temp\vlc-2.1.5-win64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-07-09 00:41
==================== Ende von FRST.txt ============================
|
|
10.07.2016, 08:41
| #10 |
| | Frühjahrsputz ? ! ... und die addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von Mas (2016-07-10 09:37:27)
Gestartet von C:\Users\Mas\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-10-25 20:52:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2856982752-327615534-2607958787-500 - Administrator - Disabled)
Gast (S-1-5-21-2856982752-327615534-2607958787-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2856982752-327615534-2607958787-1003 - Limited - Enabled)
Mas (S-1-5-21-2856982752-327615534-2607958787-1001 - Administrator - Enabled) => C:\Users\Mas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ActiveTrader Deutschland (HKLM-x32\...\{0DE75F32-3E22-42F7-B6CD-5A6644581F4E}) (Version: 6.0.1 - Cortal Consors)
ActiveTrader Deutschland (HKLM-x32\...\{4B505F84-DB93-4C85-A8FE-AF8A55904F42}) (Version: 7.1.0 - Consorsbank)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.28.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.28.0 - Alcor Micro Corp.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: - Broadcom Corporation)
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.5101 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3423 - CyberLink Corp.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Embedded Security for HP ProtectTools (HKLM\...\{43BE25B8-E69F-42CF-9414-7DDCF891629B}) (Version: 7.0.000.2882 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Smart Security (HKLM\...\{64D5DBAE-3C56-4FBE-9A2F-44C63FA13BAF}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.2.4549 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.2.4549 - Hewlett-Packard Company) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.5 - Hewlett-Packard Company)
Formularpraxis - Verlag Dr. Otto Schmidt (HKLM-x32\...\{8AA8F0D7-30A6-4515-8839-4A6F60173519}) (Version: - )
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.77 - IGC)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hoppenstedt Auskunfts-CD Firmendatenbank (HKLM-x32\...\{31FC28E2-D8F9-411E-A2F5-71AC76C0C79C}) (Version: 1.00.0010 - )
HP 3D DriveGuard (HKLM\...\{C0C9A493-51CB-4F3F-A296-5B5E410C338E}) (Version: 5.0.9.0 - Hewlett-Packard Company)
HP Color LaserJet CM2320 MFP Series 3.1 (HKLM\...\{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}) (Version: 3.1 - HP)
HP Connection Manager (HKLM-x32\...\{F5AEB2E2-F856-448F-8C32-46CA5C6149FE}) (Version: 4.5.27.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C65D5947-5FAF-499E-859F-75C3852D84B0}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.11.2 - Hewlett-Packard Company)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1177 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}) (Version: 2.4.1.2 - Hewlett-Packard Company)
hppCLJCM2320 (x32 Version: 003.001.00097 - Hewlett-Packard) Hidden
hppFaxDrvCM2320 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM2320 (x32 Version: 003.001.00095 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM2320 (x32 Version: 003.001.00087 - Ihr Firmenname) Hidden
hppQFolderCM2320 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM2320 (x32 Version: 003.001.00090 - Ihr Firmenname) Hidden
hppSendFaxCM2320 (x32 Version: 003.000.00001 - Ihr Firmenname) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Lexware buchhalter 2013 (HKLM-x32\...\{6AB4E5CD-0062-48E8-96A3-E5B4486DFCB3}) (Version: 18.00.00.0090 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{9F6BFB0F-6B1F-4D1A-A9DA-42F6794C9188}) (Version: 13.00.00.0027 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Prezi Desktop (HKLM-x32\...\{cdd36780-8433-41ca-bab4-c224e2c4f95c}) (Version: 6.13.0.0 - Prezi)
Prezi Desktop (x32 Version: 6.13.0.0 - Prezi) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TAXMAN 2013 (HKLM-x32\...\{F289D934-2224-473B-B57E-0040D2693F83}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2014 (HKLM-x32\...\{4A1C559D-38F6-49CF-BDA5-CF354FFE04E4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {091F8B2D-CA30-4072-9DBB-1A1F98A3F98F} - System32\Tasks\HPCeeScheduleForMas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0A773406-9C08-4B30-BABC-DA3855FB7188} - System32\Tasks\{C7BC0C70-5BE9-45FE-8BB9-44C25FCDBCB2} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0FEBB2FD-FCC9-4C91-B3C3-9A78C5892743} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2965738B-02A5-440D-B92E-33F05B955B95} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2EF6DC91-AB44-464D-A2E7-D2C71F273DA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)
Task: {3AA0548D-03EA-4625-B761-C17F664719D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {5E9CCE08-C28F-407A-B47D-59D55D5C47B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {5F756987-7843-4CF7-87EB-9DF184777BFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2011-09-10] (Hewlett-Packard Company)
Task: {800029E7-855E-4645-A0EE-4C543AF0F93C} - System32\Tasks\{BDD60054-A66C-46A3-AB8E-7F89E4DB1CC4} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {AA5FAC01-3DCB-4FA0-85EA-053A509C6805} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {AF811964-1A10-43DD-B49D-C787CE9BC4C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B5270B58-B9F1-44B6-8DDC-DA22861D9C70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {E0144AFC-D788-41A8-924F-6BA66DEF3A75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-23] (Hewlett-Packard Company)
Task: {FF689E8E-6A65-4E8A-9A39-0605C9870D78} - System32\Tasks\{76837DD5-14C5-4059-BCE5-BD01C0037D44} => pcalua.exe -a C:\Users\Mas\Downloads\AVM_FRITZ_WLAN_Repeater_310_Assistent.exe -d C:\Users\Mas\Downloads
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForMas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-31 18:27 - 2013-10-23 16:24 - 00087600 _____ () C:\windows\System32\cpwmon64.dll
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-07 11:50 - 2012-03-28 19:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: 70e6ca8c => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: DpHost => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IFXSpMgtSrv => 2
MSCONFIG\Services: IFXTCS => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee Endpoint Encryption Agent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: PersonalSecureDriveService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: vcsFPService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AccessSecureData => C:\Users\Mas\AppData\Local\Temp\{76C65A89-20BC-417C-93C6-512BC1A37786}\AccessSecureData.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IFXSPMGT => "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Mirage => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{08762CC0-6797-46DE-BC99-270CFB4E6DF8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5685469D-F351-4C3B-99DA-E9F75879F810}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5CC97787-F726-4191-9D83-8606756D5960}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{44AD7AB6-866E-4A32-AF5F-FCCA5788BCD3}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{DF6DF202-F35E-4343-91CA-A2900A388AB6}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E8BEEA45-0D9F-44C5-8799-9444874FF1B1}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F51CDEA1-AFC2-4A36-8E4B-EF3A1AE065B2}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{DD710277-F378-45DD-808D-4605AE9D739D}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{4BC21A0C-4974-4EB7-95FD-CAF208100553}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{DC3E36CE-6CBA-4CD2-AE19-C00C37A0966A}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [TCP Query User{9A44B86B-54A2-420E-81BF-36D77BFFC053}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8EE0A58A-4BFA-4D3B-8438-6285D7B99BC2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{7FE89021-4F43-4660-B542-9DFFF7A90D0C}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{2719F3E8-DA90-44B5-B610-3F6861FE888E}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{1E0376CA-E646-4E74-904E-C6EF805200BB}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{7EEAB372-D80E-47EB-8D67-39CACDCF93D7}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{C6971E9B-207A-4E17-8D91-DFCF428A144B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{35CEF966-610E-4347-A20C-4F366988F03B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{3672BAC1-D29C-416A-8FF8-0B84ED1D38D2}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{E04B3A70-ACA8-4666-9DB1-F0D1A23E642B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{01D10076-6379-49E5-A651-22DBC25E7425}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F9CDAB3F-A976-4DAB-8D25-B6F67DECB265}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F894C3CB-A90C-4A81-AB8D-AADA077992F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46656325-0BF2-4495-B190-A49EF8D73346}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
07-07-2016 07:12:52 Installed LibreOffice 5.1.4.2
07-07-2016 07:46:58 Installed LibreOffice 5.1.4.2
08-07-2016 12:23:24 Removed Vodafone Mobile Connect Lite.
09-07-2016 12:23:19 Windows Update
09-07-2016 14:38:26 Windows Update
10-07-2016 09:28:50 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/10/2016 09:10:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 08:09:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 03:21:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/09/2016 05:22:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:07:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:05:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:03:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 01:46:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: NPSWF32_20_0_0_267.dll, Version: 20.0.0.267, Zeitstempel: 0x567b2f55
Ausnahmecode: 0x80000003
Fehleroffset: 0x00387acd
ID des fehlerhaften Prozesses: 0x1d2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/09/2016 01:09:28 PM) (Source: MsiInstaller) (EventID: 11935) (User: Mas-HP)
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"
Error: (07/09/2016 01:03:32 PM) (Source: MsiInstaller) (EventID: 11935) (User: Mas-HP)
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"
Systemfehler:
=============
Error: (07/10/2016 09:12:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SpfdBus
Error: (07/10/2016 09:12:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error: (07/10/2016 09:09:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (07/10/2016 08:10:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SpfdBus
Error: (07/10/2016 08:10:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error: (07/10/2016 08:08:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 08:08:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 08:07:57 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 08:07:24 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (07/10/2016 08:06:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 3975.55 MB
Verfügbarer physikalischer RAM: 1876.63 MB
Summe virtueller Speicher: 7949.29 MB
Verfügbarer virtueller Speicher: 5566.95 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.67 GB) (Free:87.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:223.1 GB) (Free:216.57 GB) NTFS
Drive f: (CDFD32) (CDROM) (Total:0.61 GB) (Free:0 GB) UDF
Drive g: (HP_RECOVERY) (Fixed) (Total:19.7 GB) (Free:3.02 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: () (Removable) (Total:0.94 GB) (Free:0.91 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50318F85)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 960 MB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
 |
|
10.07.2016, 09:45
| #11 |
| /// TB-Ausbilder | Frühjahrsputz ? ! Servus, sehr gut gemacht.  Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118]
CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\70e6ca8c" /f
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
10.07.2016, 10:35
| #12 |
| | Frühjahrsputz ? ! Hier fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von Mas (2016-07-10 11:23:25) Run:1
Gestartet von C:\Users\Mas\Desktop
Geladene Profile: Mas (Verfügbare Profile: Mas)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118]
CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\70e6ca8c" /f
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
C:\ProgramData\Temp => ":373E1720" ADS erfolgreich entfernt.
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\70e6ca8c" /f =========
Der Vorgang wurde erfolgreich beendet.
========= Ende von CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12599490 B
Java, Flash, Steam htmlcache => 145117 B
Windows/system/drivers => 86407645 B
Edge => 0 B
Chrome => 0 B
Firefox => 349981036 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 100957 B
systemprofile32 => 98728 B
LocalService => 0 B
NetworkService => 37398 B
Mas => 7041553773 B
RecycleBin => 538913255 B
EmptyTemp: => 7.5 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:24:50 ====
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von Mas (2016-07-10 11:33:09)
Gestartet von C:\Users\Mas\Desktop
Start-Modus: Normal
================== Registry-Suche: "DriverWhiz;FileOpener;VideoPlayer;jfilemanager;DealPly;distromatic;File Opener Packages;iLivid;Optimizer Pro;IePluginServices;Wajam" ===========
===================== Suchergebnis für "DriverWhiz" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\MostRecentApplication]
"Name"="DriverWhiz.exe"
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\Mas\Downloads\Driverwhiz.exe"="1"
===================== Suchergebnis für "FileOpener" ==========
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\Mas\Downloads\FileOpenerSetup.exe"="1"
===================== Suchergebnis für "VideoPlayer" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\VideoPlayer\"=""
===================== Suchergebnis für "iLivid" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.torrent]
"iLivid.torrent_backup"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet]
""="iLivid.torrent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet\shell\open\command]
""=""C:\Users\Mas\AppData\Local\iLivid\iLivid.exe" "%1""
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent]
""="iLivid.torrent"
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\UserChoice]
"Progid"="iLivid.torrent"
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Users\Mas\AppData\Local\iLivid]
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Classes\.torrent]
"iLivid.torrent_backup"=""
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Classes\Magnet]
""="iLivid.torrent"
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Classes\Magnet\shell\open\command]
""=""C:\Users\Mas\AppData\Local\iLivid\iLivid.exe" "%1""
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\.torrent]
""="iLivid.torrent"
[HKEY_USERS\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\Magnet\DefaultIcon]
""=""C:\Users\Mas\AppData\Local\iLivid\iLivid.exe",0"
====== Ende von Suche ======
|
|
10.07.2016, 10:41
| #13 |
| /// TB-Ausbilder | Frühjahrsputz ? ! Fehlen noch die beiden neuen Logdateien von FRST. |
|
10.07.2016, 10:46
| #14 |
| | Frühjahrsputz ? ! Und hier die beiden FRST-Dateien: frst.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
durchgeführt von Mas (Administrator) auf MAS-HP (10-07-2016 11:34:47)
Gestartet von C:\Users\Mas\Desktop
Geladene Profile: Mas (Verfügbare Profile: Mas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-06-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_91\bin\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f6733d-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f67348-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {05f673d0-44a6-11e3-a35e-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea2-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {44c7bea4-6562-11e3-b574-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {450e1c20-c110-11e5-8c8e-2c44fd692798} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {6937a26d-45bd-11e3-88f5-70188b893308} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1d-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f1f-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {88f79f77-5b1c-11e3-b5c8-0c84dce3889c} - E:\setup.exe
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\MountPoints2: {bd336851-00a4-11e4-9f7f-2c44fd692798} - H:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9EB9DEE5-35FA-454D-AF55-7F07AF53ECF4}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2856982752-327615534-2607958787-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default
FF DefaultSearchEngine: Google Images
FF SelectedSearchEngine: Google Images
FF Homepage: hxxps://de.nachrichten.yahoo.com/
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0835c2e9-9075-6cb0-a41d-a136f1e4a0ce&searchtype=ds&installDate=02/11/2013&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2856982752-327615534-2607958787-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Mas\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mas\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Extension: Download Tab - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2016-06-19]
FF Extension: Avira Browser Safety - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\abs@avira.com [2014-11-06] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-16]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon => nicht gefunden
FF HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Mas\AppData\Roaming\Mozilla\Firefox\Profiles\cvlvrze3.default\extensions\cliqz@cliqz.com => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Mas\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2519904 2016-04-13] (ESET)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S4 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
S4 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5858304 2013-10-07] (Broadcom Corporation) [Datei ist nicht signiert]
S2 VMCService; "C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-05-12] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-05-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2016-05-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2016-05-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53384 2016-05-12] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-05-12] (ESET)
R3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [29240 2015-10-28] (Hewlett Packard)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Spfd; C:\Windows\System32\DRIVERS\Spfd.sys [11336 2014-11-21] (Safend Ltd.)
S0 SpfdBus; C:\Windows\System32\DRIVERS\SpfdBus.sys [11336 2014-11-21] (Safend Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-10 11:33 - 2016-07-10 11:33 - 00002768 _____ C:\Users\Mas\Desktop\Search.txt
2016-07-10 11:23 - 2016-07-10 11:24 - 00002555 _____ C:\Users\Mas\Desktop\Fixlog.txt
2016-07-10 09:36 - 2016-07-10 09:36 - 00000000 ____D C:\Users\Mas\Desktop\FRST-OlderVersion
2016-07-10 09:31 - 2016-07-10 09:31 - 00004422 _____ C:\Users\Mas\Desktop\JRT.txt
2016-07-10 09:28 - 2016-07-10 09:28 - 01610560 _____ (Malwarebytes) C:\Users\Mas\Desktop\JRT.exe
2016-07-10 09:26 - 2016-07-10 09:26 - 00030157 _____ C:\Users\Mas\Desktop\mbam.txt
2016-07-10 08:14 - 2016-07-10 09:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 08:13 - 2016-07-10 08:13 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 08:13 - 2016-07-10 08:13 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-07-10 08:13 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-07-10 08:13 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-07-10 08:13 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-07-10 08:12 - 2016-07-10 08:12 - 22851472 _____ (Malwarebytes ) C:\Users\Mas\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-10 08:01 - 2016-07-10 08:06 - 00000000 ___DC C:\AdwCleaner
2016-07-10 08:00 - 2016-07-10 08:00 - 03712064 _____ C:\Users\Mas\Desktop\AdwCleaner_5.201.exe
2016-07-09 14:43 - 2016-07-09 14:43 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-07-09 13:37 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-09 13:37 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-09 12:25 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-07-09 12:25 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-07-09 12:25 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-07-09 12:25 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-07-09 12:25 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-07-09 12:25 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-07-09 12:25 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-07-09 12:25 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-07-09 12:22 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-07-09 12:22 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-07-09 12:22 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-07-09 12:22 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-07-09 12:22 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-07-09 12:22 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-07-09 12:22 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-07-09 12:22 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-07-09 12:21 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-07-09 12:21 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-07-09 12:21 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-07-09 12:21 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-07-09 12:21 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-07-09 12:20 - 2016-05-17 01:22 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-07-09 12:20 - 2016-05-17 01:19 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-07-09 12:20 - 2016-05-17 01:19 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-07-09 12:20 - 2016-05-17 01:19 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-07-09 12:20 - 2016-05-17 01:19 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-07-09 12:20 - 2016-05-17 01:18 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-07-09 12:20 - 2016-05-17 01:18 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-07-09 12:20 - 2016-05-17 01:17 - 01732888 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-07-09 12:20 - 2016-05-17 01:16 - 01314136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 12:20 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:23 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-07-09 12:20 - 2016-05-16 23:23 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-07-09 12:20 - 2016-05-16 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-07-09 12:20 - 2016-05-16 23:23 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-07-09 12:20 - 2016-05-16 23:19 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-07-09 12:20 - 2016-05-16 23:19 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-07-09 12:20 - 2016-05-16 23:16 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-07-09 12:20 - 2016-05-16 23:15 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-07-09 12:20 - 2016-05-16 23:15 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-07-09 12:20 - 2016-05-16 23:14 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-07-09 12:20 - 2016-05-16 23:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-07-09 12:20 - 2016-05-16 23:14 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-07-09 12:20 - 2016-05-16 23:10 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-07-09 12:20 - 2016-05-16 23:10 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-07-09 12:20 - 2016-05-16 23:09 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 12:20 - 2016-05-16 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-07-09 12:20 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-07-09 12:20 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-07-09 12:20 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-07-09 12:20 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-07-09 12:20 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-07-09 12:20 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-07-09 12:20 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-07-09 12:20 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-07-09 12:20 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-07-09 12:20 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-07-09 12:20 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-07-09 12:20 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-07-09 12:20 - 2016-05-12 19:14 - 00862208 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-07-09 12:20 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-07-09 12:20 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-07-09 12:20 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-07-09 12:20 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-07-09 12:20 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-07-09 12:20 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-07-09 12:20 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-07-09 12:20 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-07-09 12:20 - 2016-05-04 19:16 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-07-09 12:20 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-07-09 12:20 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-07-09 12:20 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-07-09 12:20 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-07-09 12:20 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-07-09 12:20 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-07-09 12:19 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-07-09 12:19 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-07-09 12:19 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2016-07-09 12:19 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2016-07-09 12:19 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2016-07-09 12:19 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2016-07-09 12:19 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2016-07-09 12:19 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2016-07-09 12:18 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-07-09 12:18 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-07-09 12:18 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-07-09 12:18 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-07-09 12:17 - 2016-02-05 21:03 - 00147904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-07-09 12:17 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-07-09 12:17 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-07-09 12:17 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-07-09 12:17 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-07-09 12:17 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-07-09 12:17 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2016-07-09 12:17 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2016-07-09 12:17 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2016-07-09 12:17 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-07-09 12:17 - 2015-12-16 16:38 - 00419928 _____ C:\windows\SysWOW64\locale.nls
2016-07-09 12:17 - 2015-12-16 16:37 - 00419928 _____ C:\windows\system32\locale.nls
2016-07-09 12:17 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-07-09 12:17 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-07-09 12:17 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-07-09 12:17 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-07-09 12:17 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-07-09 12:17 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-07-09 12:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-07-09 12:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-07-09 12:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-07-09 12:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-07-09 12:16 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-07-09 12:16 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-07-09 12:16 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-07-09 12:16 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-07-09 12:16 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-07-09 12:16 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-07-09 12:16 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-07-09 12:16 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-07-09 12:16 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-07-09 12:16 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-07-09 12:16 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-07-09 12:16 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-07-09 12:16 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-07-09 12:16 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-07-09 12:16 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-07-09 12:16 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-07-09 12:16 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-07-09 12:16 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-07-09 12:16 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-07-09 12:16 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-07-09 12:16 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-07-09 12:16 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-07-09 12:16 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-07-09 12:16 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01393152 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-07-09 12:16 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-07-09 12:16 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-07-09 12:16 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-07-09 12:16 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-07-09 12:16 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-07-09 12:16 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-07-09 12:16 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-07-09 12:16 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-07-09 12:16 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-07-09 12:16 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2016-07-09 12:16 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2016-07-09 12:16 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2016-07-09 12:16 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2016-07-09 12:16 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2016-07-09 12:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-07-09 12:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-07-09 12:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-07-09 12:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-07-09 12:16 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2016-07-09 12:16 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2016-07-09 12:15 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-07-09 12:15 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-07-09 12:15 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-07-09 12:15 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-07-09 12:15 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-07-09 12:15 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-07-09 12:15 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-07-09 12:15 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-07-09 12:15 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-07-09 12:15 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-07-09 12:15 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-07-09 12:15 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-07-09 12:15 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-07-09 12:15 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-07-09 12:15 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-07-09 12:15 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-07-09 12:15 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-07-09 12:15 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-07-09 12:15 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-07-09 12:15 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-07-09 12:15 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-07-09 12:15 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-07-09 12:15 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-07-09 12:15 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-07-09 12:15 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-07-09 12:15 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-07-09 12:15 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-07-09 12:15 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-07-09 12:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-07-09 12:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-07-09 12:15 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-07-09 12:15 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-07-09 12:15 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-07-09 12:15 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-07-09 12:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-07-09 12:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-07-09 12:15 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-07-09 12:15 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-07-09 12:15 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-07-09 12:15 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-07-09 12:15 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-07-09 12:15 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-07-09 12:15 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-07-09 12:15 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-07-09 12:15 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-07-09 12:15 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-07-09 12:15 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-07-09 12:15 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-07-09 12:15 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-07-09 12:15 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-07-09 12:15 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-07-09 12:15 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-07-09 12:15 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-07-09 12:15 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-07-09 12:15 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-07-09 12:15 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2016-07-09 12:15 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-07-09 12:15 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2016-07-09 12:15 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2016-07-09 12:15 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2016-07-09 12:15 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2016-07-09 12:15 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-07-09 12:15 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-07-09 12:15 - 2015-10-13 18:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2016-07-09 12:15 - 2015-10-13 18:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2016-07-09 12:15 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-07-09 12:15 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-07-09 12:15 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-07-09 12:15 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-07-09 12:15 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-07-09 12:15 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-07-09 12:15 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-07-09 12:15 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2016-07-09 12:15 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2016-07-09 12:15 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2016-07-09 12:15 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2016-07-09 12:15 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-07-09 12:15 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-07-09 12:15 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-07-09 12:15 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-07-09 12:15 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2016-07-09 12:15 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2016-07-09 12:15 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2016-07-09 12:15 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2016-07-09 12:14 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-07-09 12:14 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-07-09 12:14 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-07-09 12:14 - 2015-12-16 00:28 - 17892352 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-07-09 12:14 - 2015-12-16 00:25 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-07-09 12:14 - 2015-12-16 00:21 - 10938368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-07-09 12:14 - 2015-12-16 00:20 - 01388032 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-07-09 12:14 - 2015-12-16 00:20 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-07-09 12:14 - 2015-12-16 00:19 - 02158080 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-07-09 12:14 - 2015-12-16 00:19 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-07-09 12:14 - 2015-12-16 00:18 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-07-09 12:14 - 2015-12-16 00:18 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00579584 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-07-09 12:14 - 2015-12-16 00:18 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2016-07-09 12:14 - 2015-12-16 00:18 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2016-07-09 12:14 - 2015-12-16 00:18 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2016-07-09 12:14 - 2015-12-15 23:50 - 01814528 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-07-09 12:14 - 2015-12-15 23:49 - 12388864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-07-09 12:14 - 2015-12-15 23:47 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-07-09 12:14 - 2015-12-15 23:46 - 09753088 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-07-09 12:14 - 2015-12-15 23:45 - 01140224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-07-09 12:14 - 2015-12-15 23:45 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 01804800 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-07-09 12:14 - 2015-12-15 23:44 - 00718848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00424960 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2016-07-09 12:14 - 2015-12-15 23:44 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-07-09 12:14 - 2015-12-15 23:44 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-07-09 12:14 - 2015-12-15 23:43 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2016-07-09 12:14 - 2015-12-15 23:43 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2016-07-09 12:14 - 2015-12-15 23:43 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2016-07-09 12:14 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-07-09 12:14 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2016-07-09 12:14 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2016-07-09 12:14 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-07-09 12:14 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2016-07-09 12:13 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-07-09 12:13 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-07-09 12:13 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-07-09 12:13 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2016-07-09 12:13 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2016-07-09 12:13 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-07-09 12:13 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2016-07-09 12:13 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2016-07-09 12:13 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2016-07-09 12:12 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-07-09 12:12 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-07-09 11:58 - 2016-03-24 00:40 - 00634432 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-07-09 11:53 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-07-09 11:53 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-07-08 23:18 - 2016-07-08 23:26 - 00232652 ____C C:\TDSSKiller.3.1.0.9_08.07.2016_23.18.30_log.txt
2016-07-08 23:18 - 2016-07-08 23:18 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Mas\Desktop\tdsskiller.exe
2016-07-08 23:16 - 2016-07-10 09:37 - 00040172 _____ C:\Users\Mas\Desktop\Addition.txt
2016-07-08 23:15 - 2016-07-10 11:35 - 00019522 _____ C:\Users\Mas\Desktop\FRST.txt
2016-07-08 23:14 - 2016-07-10 11:34 - 00000000 ___DC C:\FRST
2016-07-08 23:14 - 2016-07-10 09:36 - 02390016 ____C (Farbar) C:\Users\Mas\Desktop\FRST64.exe
2016-07-08 16:06 - 2016-07-08 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-08 13:37 - 2016-07-08 13:37 - 00000000 ____D C:\Users\Mas\AppData\Local\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00002027 _____ C:\Users\Public\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\ProgramData\ESET
2016-07-08 13:35 - 2016-07-08 13:35 - 00000000 ____D C:\Program Files\ESET
2016-07-08 13:31 - 2016-07-08 13:31 - 03033760 _____ (ESET) C:\Users\Mas\Downloads\eset_smart_security_live_installer_.exe
2016-07-08 13:25 - 2016-07-08 13:28 - 90601672 _____ (ESET) C:\Users\Mas\Downloads\eav_nt32_enu.exe
2016-07-08 13:24 - 2016-07-08 13:24 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-08 13:13 - 2016-07-08 13:13 - 02870984 _____ (ESET) C:\Users\Mas\Downloads\esetsmartinstaller_deu.exe
2016-07-07 07:58 - 2016-07-07 07:58 - 00000000 ____D C:\ProgramData\firebird
2016-07-07 07:53 - 2016-07-07 07:53 - 00002086 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-07 07:53 - 2016-07-07 07:53 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\Users\Mas\AppData\Roaming\LibreOffice
2016-07-07 07:48 - 2016-07-07 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-07-07 07:47 - 2016-07-07 07:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-07-07 07:09 - 2016-07-07 07:10 - 221675520 _____ C:\Users\Mas\Downloads\LibreOffice_5.1.4_Win_x86.msi
2016-06-29 13:56 - 2016-07-07 09:15 - 00111837 _____ C:\Users\Mas\Desktop\Rabattübertragungsformular.pdf
2016-06-25 08:28 - 2016-06-25 08:28 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-10 11:30 - 2013-04-13 22:35 - 00699666 _____ C:\windows\system32\perfh007.dat
2016-07-10 11:30 - 2013-04-13 22:35 - 00149774 _____ C:\windows\system32\perfc007.dat
2016-07-10 11:30 - 2009-07-14 07:13 - 01620612 _____ C:\windows\system32\PerfStringBackup.INI
2016-07-10 11:30 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-07-10 11:28 - 2015-06-23 09:17 - 00001216 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job
2016-07-10 11:25 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-07-10 09:20 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 09:20 - 2009-07-14 06:45 - 00031312 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-10 08:08 - 2016-01-28 01:57 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForMas.job
2016-07-10 07:50 - 2013-10-25 22:57 - 00003914 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{13949E6C-47E7-40B7-A8DC-8736CCF27255}
2016-07-10 04:28 - 2015-06-23 09:17 - 00001164 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job
2016-07-10 00:27 - 2016-04-01 01:19 - 00003174 _____ C:\windows\System32\Tasks\HPCeeScheduleForMas
2016-07-09 15:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-07-09 14:02 - 2013-12-04 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-09 14:02 - 2013-11-03 09:46 - 00000000 ____D C:\Program Files (x86)\Avira
2016-07-09 14:02 - 2009-07-14 06:45 - 00414944 _____ C:\windows\system32\FNTCACHE.DAT
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\system32\GWX
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ___SD C:\windows\system32\CompatTel
2016-07-09 13:57 - 2015-05-18 11:52 - 00000000 ____D C:\windows\system32\appraiser
2016-07-09 13:57 - 2013-04-13 22:24 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-09 13:57 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-07-09 13:22 - 2014-06-15 21:33 - 00000000 ____D C:\windows\system32\MRT
2016-07-09 13:16 - 2014-06-15 21:33 - 142482544 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-07-09 12:37 - 2013-04-14 01:02 - 01594892 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-07-09 07:34 - 2014-04-10 12:21 - 00000000 ____D C:\Program Files (x86)\CdFd32
2016-07-08 15:21 - 2014-06-06 11:48 - 00000000 ___DC C:\temp
2016-07-08 12:19 - 2013-11-03 09:50 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Avira
2016-07-08 12:19 - 2013-11-03 09:46 - 00000000 ____D C:\ProgramData\Avira
2016-07-08 12:19 - 2013-10-25 22:58 - 00098488 _____ C:\Users\Mas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-08 12:18 - 2014-11-06 14:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-07 15:08 - 2014-10-31 18:28 - 00000000 ____D C:\Users\Mas\AppData\Local\CutePDF Writer
2016-07-04 00:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-07-01 18:15 - 2014-11-19 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-01 18:14 - 2013-10-26 19:27 - 00000000 ____D C:\Users\Mas\AppData\Local\Thunderbird
2016-06-25 08:28 - 2014-02-13 16:34 - 00000000 ____D C:\Users\Mas\AppData\Roaming\Dropbox
2016-06-21 12:13 - 2010-11-21 05:27 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-10 12:20 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\ActiveMap35.ocx
2014-04-10 12:20 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\AxRegister.exe
2014-04-10 12:20 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files\Cfx32.ocx
2014-04-10 12:20 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files\gdiplus.dll
2014-04-10 12:20 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files\GHLck32.dll
2014-04-10 12:20 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files\Ghret32.dll
2014-04-10 12:20 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files\Hfdb32.exe
2014-04-10 12:20 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files\Hfdb32.exe.manifest
2014-04-10 12:20 - 2014-04-10 12:20 - 0002617 _____ () C:\Program Files\Hfdb32.ini
2014-04-10 12:20 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_eng.dll
2014-04-10 12:20 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files\Hfdb_ger.dll
2014-04-10 12:20 - 2014-04-10 12:20 - 0001284 _____ () C:\Program Files\Hfinst.log
2014-04-10 12:20 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files\Liesmich.txt
2014-04-10 12:20 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files\LtGeometry10.dll
2014-04-10 12:20 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Ltmapx32.ocx
2014-04-10 12:20 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files\LtPictureHolder.ocx
2014-04-10 12:20 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files\Lttool32.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files\mfc42.dll
2014-04-10 12:20 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files\Msvcrt.dll
2014-04-10 12:20 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files\UiHlp32.exe
2014-04-10 12:19 - 2006-09-27 11:35 - 0839745 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\ActiveMap35.ocx
2014-04-10 12:18 - 2010-03-06 17:43 - 0610304 ____N (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\AxRegister.exe
2014-04-10 12:19 - 1996-06-10 16:24 - 0307200 ____N (Software FX, Inc.) C:\Program Files (x86)\Cfx32.ocx
2014-04-10 12:18 - 2004-05-04 10:53 - 1645320 ____N (Microsoft Corporation) C:\Program Files (x86)\gdiplus.dll
2014-04-10 12:18 - 2010-02-08 14:35 - 0600576 ____N (Bisnode Informatics GmbH & Gunnar Leitz 1999-2010) C:\Program Files (x86)\GHLck32.dll
2014-04-10 12:18 - 2010-03-15 17:17 - 0564736 ____N (Hoppenstedt Firmeninformationen) C:\Program Files (x86)\Ghret32.dll
2014-04-10 12:18 - 2012-02-10 19:27 - 5708948 _____ (Hoppenstedt Firmeninformationen GmbH) C:\Program Files (x86)\Hfdb32.exe
2014-04-10 12:18 - 2010-03-01 20:26 - 0000347 ____N () C:\Program Files (x86)\Hfdb32.exe.manifest
2014-04-10 12:18 - 2014-04-10 12:19 - 0002677 _____ () C:\Program Files (x86)\Hfdb32.ini
2014-04-10 12:18 - 2011-05-17 18:22 - 0233984 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_eng.dll
2014-04-10 12:18 - 2011-05-17 18:21 - 0255488 ____N (Bisnode Informatics & Gunnar Leitz) C:\Program Files (x86)\Hfdb_ger.dll
2014-04-10 12:18 - 2014-04-10 12:19 - 0002509 _____ () C:\Program Files (x86)\Hfinst.log
2014-04-10 12:18 - 2010-03-17 16:59 - 0004762 ____N () C:\Program Files (x86)\Liesmich.txt
2014-04-10 12:18 - 2005-11-28 16:02 - 0172099 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, BONN) C:\Program Files (x86)\LtGeometry10.dll
2014-04-10 12:19 - 1998-01-14 13:34 - 0126976 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Ltmapx32.ocx
2014-04-10 12:19 - 2002-07-02 14:00 - 0036864 ____N (Lutum+Tappert) C:\Program Files (x86)\LtPictureHolder.ocx
2014-04-10 12:18 - 2003-11-04 11:52 - 0086071 ____N (LUTUM + TAPPERT DV-BERATUNG GMBH, Bonn) C:\Program Files (x86)\Lttool32.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 1028096 ____N (Microsoft Corporation) C:\Program Files (x86)\mfc42.dll
2014-04-10 12:18 - 2006-02-28 13:00 - 0343040 ____N (Microsoft Corporation) C:\Program Files (x86)\Msvcrt.dll
2014-04-10 12:18 - 2000-08-24 15:13 - 0334336 ____N () C:\Program Files (x86)\UiHlp32.exe
2013-12-01 11:49 - 2015-11-24 13:47 - 0006349 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-07-09 00:41
==================== Ende von FRST.txt ============================
|
|
10.07.2016, 10:47
| #15 |
| | Frühjahrsputz ? ! und addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von Mas (2016-07-10 11:35:42)
Gestartet von C:\Users\Mas\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-10-25 20:52:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2856982752-327615534-2607958787-500 - Administrator - Disabled)
Gast (S-1-5-21-2856982752-327615534-2607958787-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2856982752-327615534-2607958787-1003 - Limited - Enabled)
Mas (S-1-5-21-2856982752-327615534-2607958787-1001 - Administrator - Enabled) => C:\Users\Mas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ActiveTrader Deutschland (HKLM-x32\...\{0DE75F32-3E22-42F7-B6CD-5A6644581F4E}) (Version: 6.0.1 - Cortal Consors)
ActiveTrader Deutschland (HKLM-x32\...\{4B505F84-DB93-4C85-A8FE-AF8A55904F42}) (Version: 7.1.0 - Consorsbank)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.28.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.28.0 - Alcor Micro Corp.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: - Broadcom Corporation)
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.5101 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3423 - CyberLink Corp.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-2856982752-327615534-2607958787-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Embedded Security for HP ProtectTools (HKLM\...\{43BE25B8-E69F-42CF-9414-7DDCF891629B}) (Version: 7.0.000.2882 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Smart Security (HKLM\...\{64D5DBAE-3C56-4FBE-9A2F-44C63FA13BAF}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.2.4549 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.2.4549 - Hewlett-Packard Company) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.5 - Hewlett-Packard Company)
Formularpraxis - Verlag Dr. Otto Schmidt (HKLM-x32\...\{8AA8F0D7-30A6-4515-8839-4A6F60173519}) (Version: - )
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.77 - IGC)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hoppenstedt Auskunfts-CD Firmendatenbank (HKLM-x32\...\{31FC28E2-D8F9-411E-A2F5-71AC76C0C79C}) (Version: 1.00.0010 - )
HP 3D DriveGuard (HKLM\...\{C0C9A493-51CB-4F3F-A296-5B5E410C338E}) (Version: 5.0.9.0 - Hewlett-Packard Company)
HP Color LaserJet CM2320 MFP Series 3.1 (HKLM\...\{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}) (Version: 3.1 - HP)
HP Connection Manager (HKLM-x32\...\{F5AEB2E2-F856-448F-8C32-46CA5C6149FE}) (Version: 4.5.27.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C65D5947-5FAF-499E-859F-75C3852D84B0}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.11.2 - Hewlett-Packard Company)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1177 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}) (Version: 2.4.1.2 - Hewlett-Packard Company)
hppCLJCM2320 (x32 Version: 003.001.00097 - Hewlett-Packard) Hidden
hppFaxDrvCM2320 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM2320 (x32 Version: 003.001.00095 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM2320 (x32 Version: 003.001.00087 - Ihr Firmenname) Hidden
hppQFolderCM2320 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM2320 (x32 Version: 003.001.00090 - Ihr Firmenname) Hidden
hppSendFaxCM2320 (x32 Version: 003.000.00001 - Ihr Firmenname) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Lexware buchhalter 2013 (HKLM-x32\...\{6AB4E5CD-0062-48E8-96A3-E5B4486DFCB3}) (Version: 18.00.00.0090 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{9F6BFB0F-6B1F-4D1A-A9DA-42F6794C9188}) (Version: 13.00.00.0027 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Prezi Desktop (HKLM-x32\...\{cdd36780-8433-41ca-bab4-c224e2c4f95c}) (Version: 6.13.0.0 - Prezi)
Prezi Desktop (x32 Version: 6.13.0.0 - Prezi) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TAXMAN 2013 (HKLM-x32\...\{F289D934-2224-473B-B57E-0040D2693F83}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2014 (HKLM-x32\...\{4A1C559D-38F6-49CF-BDA5-CF354FFE04E4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2856982752-327615534-2607958787-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Mas\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {091F8B2D-CA30-4072-9DBB-1A1F98A3F98F} - System32\Tasks\HPCeeScheduleForMas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0A773406-9C08-4B30-BABC-DA3855FB7188} - System32\Tasks\{C7BC0C70-5BE9-45FE-8BB9-44C25FCDBCB2} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0FEBB2FD-FCC9-4C91-B3C3-9A78C5892743} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2965738B-02A5-440D-B92E-33F05B955B95} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {2EF6DC91-AB44-464D-A2E7-D2C71F273DA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)
Task: {3AA0548D-03EA-4625-B761-C17F664719D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {5E9CCE08-C28F-407A-B47D-59D55D5C47B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {5F756987-7843-4CF7-87EB-9DF184777BFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2011-09-10] (Hewlett-Packard Company)
Task: {800029E7-855E-4645-A0EE-4C543AF0F93C} - System32\Tasks\{BDD60054-A66C-46A3-AB8E-7F89E4DB1CC4} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {AA5FAC01-3DCB-4FA0-85EA-053A509C6805} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {AF811964-1A10-43DD-B49D-C787CE9BC4C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B5270B58-B9F1-44B6-8DDC-DA22861D9C70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {E0144AFC-D788-41A8-924F-6BA66DEF3A75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-23] (Hewlett-Packard Company)
Task: {FF689E8E-6A65-4E8A-9A39-0605C9870D78} - System32\Tasks\{76837DD5-14C5-4059-BCE5-BD01C0037D44} => pcalua.exe -a C:\Users\Mas\Downloads\AVM_FRITZ_WLAN_Repeater_310_Assistent.exe -d C:\Users\Mas\Downloads
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001Core.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2856982752-327615534-2607958787-1001UA.job => C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForMas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-31 18:27 - 2013-10-23 16:24 - 00087600 _____ () C:\windows\System32\cpwmon64.dll
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-10-07 11:50 - 2012-03-28 19:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-06-25 08:28 - 2016-05-25 19:03 - 00034768 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00134088 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00019408 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00116688 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-25 08:28 - 2016-05-25 19:03 - 00093640 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00018376 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00019760 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00105928 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00392144 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-25 08:28 - 2016-06-13 22:13 - 00381752 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00692688 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020816 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00123856 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 01682760 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020808 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00021840 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00052024 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00038696 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00020936 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024528 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00114640 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00124880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00021832 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00175560 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00030160 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00043472 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00048592 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00023872 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00026456 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00057808 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00246592 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00028616 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00019776 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-25 08:28 - 2016-05-25 19:03 - 00134608 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00240584 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00020280 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00023376 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00350152 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00022352 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00024392 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00036296 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-25 08:28 - 2016-06-13 22:13 - 00084280 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-25 08:28 - 2016-06-13 22:13 - 01826096 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 08:28 - 2016-05-25 19:04 - 00083912 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 03928880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 01971504 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00531248 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00132912 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00223544 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00207672 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-25 08:28 - 2016-05-25 19:05 - 00060880 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00024904 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00546096 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-25 08:28 - 2016-06-13 22:13 - 00357680 _____ () C:\Users\Mas\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2856982752-327615534-2607958787-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: DpHost => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IFXSpMgtSrv => 2
MSCONFIG\Services: IFXTCS => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee Endpoint Encryption Agent => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: PersonalSecureDriveService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: vcsFPService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AccessSecureData => C:\Users\Mas\AppData\Local\Temp\{76C65A89-20BC-417C-93C6-512BC1A37786}\AccessSecureData.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Mas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IFXSPMGT => "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Mirage => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{08762CC0-6797-46DE-BC99-270CFB4E6DF8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5685469D-F351-4C3B-99DA-E9F75879F810}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5CC97787-F726-4191-9D83-8606756D5960}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{44AD7AB6-866E-4A32-AF5F-FCCA5788BCD3}] => (Allow) C:\Users\Mas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{DF6DF202-F35E-4343-91CA-A2900A388AB6}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E8BEEA45-0D9F-44C5-8799-9444874FF1B1}C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F51CDEA1-AFC2-4A36-8E4B-EF3A1AE065B2}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{DD710277-F378-45DD-808D-4605AE9D739D}C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{4BC21A0C-4974-4EB7-95FD-CAF208100553}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [{DC3E36CE-6CBA-4CD2-AE19-C00C37A0966A}] => (Block) C:\users\mas\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [TCP Query User{9A44B86B-54A2-420E-81BF-36D77BFFC053}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8EE0A58A-4BFA-4D3B-8438-6285D7B99BC2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{7FE89021-4F43-4660-B542-9DFFF7A90D0C}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{2719F3E8-DA90-44B5-B610-3F6861FE888E}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS241B\HPDiagnosticCoreUI.exe
FirewallRules: [{1E0376CA-E646-4E74-904E-C6EF805200BB}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{7EEAB372-D80E-47EB-8D67-39CACDCF93D7}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS7933\HPDiagnosticCoreUI.exe
FirewallRules: [{C6971E9B-207A-4E17-8D91-DFCF428A144B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{35CEF966-610E-4347-A20C-4F366988F03B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS55EE\HPDiagnosticCoreUI.exe
FirewallRules: [{3672BAC1-D29C-416A-8FF8-0B84ED1D38D2}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{E04B3A70-ACA8-4666-9DB1-F0D1A23E642B}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS46CE\HPDiagnosticCoreUI.exe
FirewallRules: [{01D10076-6379-49E5-A651-22DBC25E7425}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F9CDAB3F-A976-4DAB-8D25-B6F67DECB265}] => (Allow) C:\Users\Mas\AppData\Local\Temp\7zS1BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{F894C3CB-A90C-4A81-AB8D-AADA077992F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46656325-0BF2-4495-B190-A49EF8D73346}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
07-07-2016 07:46:58 Installed LibreOffice 5.1.4.2
08-07-2016 12:23:24 Removed Vodafone Mobile Connect Lite.
09-07-2016 12:23:19 Windows Update
09-07-2016 14:38:26 Windows Update
10-07-2016 09:28:50 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/10/2016 11:26:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 09:10:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 08:09:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 03:21:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/09/2016 05:22:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:07:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:05:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 02:03:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/09/2016 01:46:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: NPSWF32_20_0_0_267.dll, Version: 20.0.0.267, Zeitstempel: 0x567b2f55
Ausnahmecode: 0x80000003
Fehleroffset: 0x00387acd
ID des fehlerhaften Prozesses: 0x1d2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/09/2016 01:09:28 PM) (Source: MsiInstaller) (EventID: 11935) (User: Mas-HP)
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"
Systemfehler:
=============
Error: (07/10/2016 11:27:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SpfdBus
Error: (07/10/2016 11:27:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error: (07/10/2016 11:25:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 11:25:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 11:24:57 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (07/10/2016 11:23:56 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (07/10/2016 11:23:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/10/2016 11:23:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/10/2016 11:23:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/10/2016 11:23:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 3975.55 MB
Verfügbarer physikalischer RAM: 1691.42 MB
Summe virtueller Speicher: 7949.29 MB
Verfügbarer virtueller Speicher: 5228.18 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.67 GB) (Free:94.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:223.1 GB) (Free:216.57 GB) NTFS
Drive f: (CDFD32) (CDROM) (Total:0.61 GB) (Free:0 GB) UDF
Drive g: (HP_RECOVERY) (Fixed) (Total:19.7 GB) (Free:3.02 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: () (Removable) (Total:0.94 GB) (Free:0.91 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50318F85)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 960 MB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu Frühjahrsputz ? ! |
| aktuelle, aktuellen, andere, anderen, anleitung, dinge, einzelne, funktionieren, installiert, intel, programme, rechner, recht, scan, scanner, troja, update, updates, virenscan, virenscanner, win7, windows, windows 7, windows updates, zuverlässig |
