| |
| |||||||
Log-Analyse und Auswertung: Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder VirusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
28.08.2016, 10:43
| #1 |
 |  Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Hallo zusammen ich habe den Verdacht, dass ich von einem Trojaner/Virus/Malware befallen bin. Der Computer reagiert allerdings normal, bei allen Aktivitäten. Auch ist mein Computer nicht langsamer geworden, ausser bei Downloads hab ich das Gefühl es könnte schneller sein. Code:
ATTFilter ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Mirko Böer) C:\Program Files (x86)\RouterControl\RouterControl.exe () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe (CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (EJIE Technology) C:\Program Files (x86)\Clover\clover.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] () HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [Ad Muncher] => C:\Program Files (x86)\Ad Muncher\AdMunch.exe [560760 2016-08-06] (Murray Hurps Software Pty Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-08-10] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-06-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] () HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [RouterControl] => C:\Program Files (x86)\RouterControl\ROUTERCONTROL.EXE [3449344 2009-05-19] (Mirko Böer) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [9647104 2016-08-23] (FreeDownloadManager.org) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064 2016-08-05] (Tonec Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe" HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-08-17] ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung) Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] () Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk [2016-08-20] ShortcutTarget: DesktopVideoPlayer.lnk -> C:\Users\hochs\AppData\Local\vghd\bin\vghd.exe (Keine Datei) Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-06] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.) BootExecute: autocheck autochk * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000 BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-07-13] (Internet Download Manager, Tonec Inc.) BHO: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.) BHO-x32: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] () Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Edge: ====== Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm [2016-08-07] FireFox: ======== FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default FF Homepage: hxxps://www.startpage.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-27] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-06-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-08-20] FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26] FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-08-03] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26] FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hochs\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\hochs\AppData\Roaming\IDM\idmmzcc5 [2016-08-28] [ist nicht signiert] FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi Chrome: ======= CHR HomePage: Default -> hxxps://startseite.com/ CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch CHR DefaultSearchKeyword: Default -> https://startpage.com CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Free Download Manager Chrome extension) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2016-08-28] CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15] CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15] CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07] CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15] CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15] CHR Extension: (Adobe Acrobat) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-08-20] CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15] CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26] CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27] CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23] CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28] CHR Extension: (IDM Integration Module) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-08-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15] CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15] CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-06-23] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] () R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] () R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [90112 2016-07-25] (Chip Digital GmbH) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-06-11] (SurfRight B.V.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.) S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH) R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH) R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] () S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [950200 2016-05-24] (Bitdefender) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-07-01] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-07-01] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] () S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1603264 2016-08-22] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [850464 2016-08-22] (BitDefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-07-01] (BitDefender LLC) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [75360 2016-08-04] () R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC) R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [299816 2016-07-01] (Bitdefender) R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] () R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-28] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] () S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] () R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG) S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH) R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH) R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-07-01] (BitDefender S.R.L.) S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation) R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.) U3 DfSdkS; kein ImagePath S3 NPF; system32\drivers\NPF.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-08-28 11:25 - 2016-08-28 11:35 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Adobe 2016-08-28 11:19 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Atheros 2016-08-28 11:10 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Bitdefender 2016-08-28 11:05 - 2016-08-28 11:06 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2016-08-28 11:05 - 2016-08-28 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2016-08-28 11:05 - 2016-08-28 11:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit 2016-08-28 10:48 - 2016-08-28 11:37 - 00000000 ____D C:\FRST 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part6.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part5.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part4.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part3.rar 2016-08-28 10:13 - 2016-08-28 10:13 - 54107190 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part7.rar 2016-08-28 10:12 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part1.rar 2016-08-28 10:12 - 2016-08-28 10:13 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part2.rar 2016-08-28 10:07 - 2016-08-28 10:07 - 00002756 _____ C:\Users\hochs\Downloads\333179792d081560db7da4895d27228227acbdda.dlc 2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk 2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk 2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box 2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG 2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG 2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle 2016-08-28 09:46 - 2016-08-14 16:09 - 00485873 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160828-094649.backup 2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV 2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-08-28 09:39 - 2016-08-28 09:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-08-28 09:39 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-08-28 09:39 - 2016-08-28 09:39 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-08-28 09:39 - 2016-08-28 09:39 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2016-08-28 09:39 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2016-08-28 09:30 - 2016-08-28 09:30 - 00344928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-08-28 02:26 - 2016-08-28 02:29 - 00000000 ____D C:\Users\hochs\Downloads\home_made_pro_am_pussy_4_720p.mp4 - hd-area.org 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229.dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (3).dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (2).dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (1).dlc 2016-08-28 02:22 - 2016-08-28 02:22 - 00013755 _____ C:\Users\hochs\Downloads\helper.html 2016-08-28 01:41 - 2016-08-28 11:28 - 00000000 ____D C:\Users\hochs\AppData\Roaming\IDM 2016-08-28 01:41 - 2016-08-28 09:30 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager 2016-08-28 01:41 - 2016-08-28 02:11 - 00000000 ____D C:\Users\hochs\Downloads\Compressed 2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\Users\hochs\Downloads\Video 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 _____ C:\Users\hochs\Downloads\Download.htm 2016-08-28 01:39 - 2016-08-28 01:41 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre.exe 2016-08-28 01:39 - 2016-08-28 01:39 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre (1).exe 2016-08-28 01:38 - 2016-08-28 01:38 - 00000000 _____ C:\Users\hochs\Downloads\da9e.tmp 2016-08-28 01:35 - 2016-08-28 01:35 - 00000000 ____D C:\Users\hochs\Downloads\Internet Download Manager 6 25 Build 25 Pre-Activated 2016-08-28 01:29 - 2016-08-28 01:29 - 00000196 _____ C:\Users\hochs\Downloads\a6dbb02e-c968-40a7-899f-d43a357ae8b4.htm 2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload 2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload 2016-08-28 01:25 - 2016-08-28 01:25 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d.dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (3).dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (2).dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (1).dlc 2016-08-28 01:15 - 2016-08-28 11:24 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager 2016-08-28 01:15 - 2016-08-28 01:15 - 00001168 _____ C:\Users\Public\Desktop\Free Download Manager 5.lnk 2016-08-28 01:15 - 2016-08-28 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2016-08-28 01:15 - 2016-08-28 01:15 - 00000000 ____D C:\Program Files\FreeDownloadManager.ORG 2016-08-27 20:41 - 2016-08-27 20:42 - 00000000 ____D C:\Users\hochs\Downloads\Cuban.Fury.Echte.Maenner.tanzen.German.2014.AC3.BDRip.x264-FRACTAL 2016-08-27 20:39 - 2016-08-27 20:39 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388 (1).dlc 2016-08-27 20:38 - 2016-08-27 20:38 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388.dlc 2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk 2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader 2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader 2016-08-27 20:36 - 2016-08-27 20:37 - 02452082 _____ (Star Downloader) C:\Users\hochs\Downloads\sdfree.exe 2016-08-27 20:32 - 2016-08-27 20:33 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.x264-MULTiPLEX - filecrypt.cc 2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload 2016-08-27 20:10 - 2016-08-27 20:11 - 31335352 _____ (Open Media LLC ) C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe 2016-08-27 20:04 - 2016-08-27 20:04 - 00003113 _____ C:\Users\hochs\Downloads\ardmediathek.host 2016-08-27 19:52 - 2016-08-27 19:52 - 00003149 _____ C:\Users\hochs\Downloads\zdfmediathek.host 2016-08-27 11:56 - 2016-08-27 11:59 - 00000000 ____D C:\Users\hochs\Downloads\The.Mechanic.2.Resurrection.2016.TS.MD.German.x264-PS - filecrypt.cc 2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic 2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7 2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Users\hochs\Downloads\Bitdefender Safepay 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7 2016-08-27 08:47 - 2016-08-27 08:47 - 00418464 _____ C:\Users\hochs\Downloads\SecureSafe-Recovery-Code.pdf 2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk 2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk 2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url 2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo 2016-08-27 08:08 - 2009-08-24 22:13 - 00034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe 2016-08-27 08:07 - 2016-08-27 08:08 - 28473112 _____ (Ashampoo GmbH & Co. KG ) C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe 2016-08-27 05:34 - 2015-11-11 13:56 - 00043618 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.dll 2016-08-27 05:34 - 2015-11-11 13:56 - 00029361 ____N C:\Users\hochs\Downloads\manual_installation_guidequalcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.pdf 2016-08-27 05:34 - 2015-11-11 13:56 - 00005159 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_6301.sys 2016-08-27 05:34 - 2015-11-11 13:56 - 00003638 ____N C:\Users\hochs\Downloads\READ-ME.txt 2016-08-27 05:34 - 2015-11-11 13:56 - 00001474 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.cat 2016-08-27 05:33 - 2016-08-27 05:33 - 00031404 _____ C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630_driver.zip 2016-08-27 04:55 - 2016-08-27 04:55 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\hochs\Downloads\SlimDrivers-setup.exe 2016-08-27 04:40 - 2016-08-27 04:50 - 00000000 ____D C:\Users\hochs\Downloads\lhd-hwahrheit-1080p.mkv - hd-area.org 2016-08-27 04:21 - 2016-08-27 04:49 - 00000000 ____D C:\Users\hochs\Downloads\Nichts.mehr.wie.vorher.German.2013.AC3.DVDRip.x264-iMPERiUM - filecrypt.cc 2016-08-26 18:00 - 2016-08-27 04:02 - 00000000 ____D C:\Users\hochs\Downloads\Wie.Klaut.Man.Eine.Million.German.DL.1966.HDTV.720p.x264.AC3-msd - hd-area.org 2016-08-26 17:50 - 2016-08-26 17:54 - 00000000 ____D C:\Users\hochs\Downloads\Dafranosuri 2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk 2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass 2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass 2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass 2016-08-26 16:03 - 2016-08-28 11:28 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass 2016-08-26 15:57 - 2016-08-26 15:57 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Mozilla 2016-08-26 11:43 - 2016-08-26 15:54 - 00000000 ____D C:\Users\hochs\Downloads\Crouching.Tiger.Hidden.Dragon.Sword.of.Destiny.2016.German.Dubbed.DL.2160p.WEB-DL.x264-NIMA4K 2016-08-25 19:45 - 2016-08-26 11:41 - 00000000 ____D C:\Users\hochs\Downloads\Made.in.France.2015.German.1080p.BluRay.x264-ROOR - filecrypt.cc 2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys 2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys 2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data 2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf 2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf 2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat 2016-08-23 19:03 - 2016-08-24 20:04 - 00000000 ____D C:\Users\hochs\Downloads\xan-The.Ardennes-avc.mkv - hd-area.org 2016-08-23 18:53 - 2016-08-24 20:03 - 00000000 ____D C:\Users\hochs\Downloads\kilotwobravo180.mkv - hd-area.org 2016-08-23 18:47 - 2016-08-23 18:51 - 00000000 ____D C:\Users\hochs\Downloads\The.Confirmation.2016.German.AC3.DVDRip.x264-MULTiPLEX - filecrypt.cc 2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment 2016-08-22 20:18 - 2016-08-22 20:32 - 00000000 ____D C:\Users\hochs\Downloads\Riff.Piraten.1939.German.DL.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc 2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort 2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software 2016-08-21 16:07 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Der.Wert.des.Menschen.German.2015.DL.PAL.DVDR-SAViOUR - filecrypt.cc 2016-08-21 15:59 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Nick.Knattertons.Abenteuer.Der.Raub.der.Gloria.Nylon.1959.German.BDRip.x264-MONOBiLD - filecrypt.cc 2016-08-21 13:45 - 2016-08-21 13:45 - 00000000 ____D C:\Users\hochs\Downloads\Unterschrift 2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare 2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt 2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer 2016-08-20 19:13 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Suicide.Squad.TS.MD.GERMAN.x264-KarlsKrone - filecrypt.cc 2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub 2016-08-20 14:01 - 2016-08-20 14:01 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper 2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories 2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk 2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories 2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories 2016-08-20 10:23 - 2016-08-25 18:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Paltalk 2016-08-20 07:47 - 2016-08-20 07:47 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk 2016-08-20 07:47 - 2016-08-20 07:47 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk 2016-08-20 07:47 - 2016-08-20 07:47 - 00002228 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk 2016-08-20 07:47 - 2016-08-20 07:47 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk 2016-08-20 07:47 - 2016-08-20 07:47 - 00002114 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk 2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-19 22:36 - 2016-08-19 22:41 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-08-19 22:36 - 2016-08-19 22:41 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-08-18 18:24 - 2016-08-28 11:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger 2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk 2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc 2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger 2016-08-18 00:11 - 2016-08-18 00:11 - 00002449 ____R C:\WINDOWS\RouterControl0_Uninstall.in 2016-08-18 00:11 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn0.exe 2016-08-18 00:10 - 2016-08-18 00:11 - 00001107 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouterControl.lnk 2016-08-18 00:10 - 2016-08-18 00:11 - 00001077 _____ C:\Users\hochs\Desktop\RouterControl.lnk 2016-08-18 00:10 - 2016-08-18 00:11 - 00000000 ____D C:\Program Files (x86)\RouterControl 2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in 2016-08-18 00:10 - 2016-08-18 00:10 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouterControl 2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE 2016-08-17 18:30 - 2016-08-17 18:30 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk 2016-08-17 18:30 - 2016-08-17 18:30 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk 2016-08-17 18:30 - 2016-08-17 18:30 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk 2016-08-17 18:30 - 2016-08-17 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0 2016-08-17 18:30 - 2016-08-17 18:30 - 00000000 ____D C:\Program Files (x86)\TraXEx 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys 2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure 2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure 2016-08-14 16:09 - 2016-08-14 16:09 - 00006666 _____ C:\WINDOWS\system32\Drivers\etc\hosts_PTbackup2.bak 2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn 2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind 2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd 2016-08-14 15:56 - 2016-08-14 15:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools X 2016-08-14 15:55 - 2016-08-22 19:42 - 00000000 ____D C:\Program Files (x86)\jv16 PowerTools X 2016-08-14 15:55 - 2016-08-14 15:55 - 00001952 _____ C:\Users\hochs\Desktop\jv16 PowerTools X.lnk 2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions 2016-08-14 15:37 - 2016-08-14 15:37 - 00001436 _____ C:\Users\hochs\Desktop\CopyTrans Control Center.lnk 2016-08-14 15:37 - 2016-08-14 15:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk 2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare 2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare 2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft 2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake 2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen 2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient 2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games 2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2016-08-14 12:19 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2016-08-14 12:19 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2016-08-14 12:19 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2016-08-14 12:19 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2016-08-14 12:19 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic 2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine 2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher 2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll 2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK 2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS 2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn 2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd 2016-08-11 20:03 - 2016-08-11 20:03 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe 2016-08-10 05:51 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 05:51 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 05:51 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 05:51 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 05:51 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-08-10 05:51 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 05:51 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2016-08-10 05:51 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-10 05:51 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-08-10 05:51 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-08-10 05:51 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-08-10 05:51 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-08-10 05:51 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-08-10 05:51 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-08-10 05:51 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2016-08-10 05:51 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 05:51 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-08-10 05:51 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-08-10 05:51 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-08-10 05:51 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 05:51 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-08-10 05:51 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-08-10 05:51 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-08-10 05:51 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 05:51 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 05:51 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-08-10 05:51 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 05:51 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-08-10 05:51 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 05:51 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 05:51 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-08-10 05:51 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 05:51 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 05:51 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2016-08-10 05:51 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-08-10 05:51 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-08-10 05:51 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-08-10 05:51 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-08-10 05:51 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-10 05:51 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-10 05:51 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 05:51 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-08-10 05:51 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 05:51 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-08-10 05:51 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 05:51 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-08-10 05:51 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 05:51 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 05:51 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-10 05:51 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-08-10 05:51 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-08-10 05:51 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 05:51 - 2016-07-22 03:27 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 05:51 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 05:51 - 2016-07-22 03:26 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-08-10 05:51 - 2016-07-22 03:20 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-08-10 05:51 - 2016-07-22 03:18 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-08-10 05:51 - 2016-07-22 03:11 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-08-10 05:51 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team 2016-08-08 17:27 - 2016-08-08 17:27 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2016-08-08 17:15 - 2016-08-28 11:22 - 00000000 ____D C:\AdwCleaner 2016-08-07 15:28 - 2016-08-07 15:28 - 00000000 ____D C:\Users\hochs\AppData\Local\ElevatedDiagnostics 2016-08-07 15:17 - 2016-08-17 01:11 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-07 15:15 - 2016-08-07 15:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files\MSBuild 2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-08-07 15:14 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-08-07 15:14 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-08-07 15:14 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-08-07 15:14 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-08-07 15:14 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-08-07 15:14 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-08-07 14:29 - 2016-08-08 16:59 - 00000000 ____D C:\Users\hochs\AppData\Local\ConnectedDevicesPlatform 2016-08-07 14:29 - 2016-08-07 14:29 - 00000020 ___SH C:\Users\hochs\ntuser.ini 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2016-08-07 14:26 - 2016-08-09 20:48 - 00002563 _____ C:\WINDOWS\diagwrn.xml 2016-08-07 14:26 - 2016-08-09 20:48 - 00001908 _____ C:\WINDOWS\diagerr.xml 2016-08-07 14:25 - 2016-08-28 11:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-07 14:25 - 2016-08-25 18:44 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhochs 2016-08-07 14:25 - 2016-08-07 14:43 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-08-07 14:25 - 2016-08-07 14:25 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-08-07 14:25 - 2016-08-07 14:25 - 00003566 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan 2016-08-07 14:25 - 2016-08-07 14:25 - 00003314 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{82C7B0E5-717C-433B-B746-49CB807503D5} 2016-08-07 14:25 - 2016-08-07 14:25 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-08-07 14:25 - 2016-08-07 14:25 - 00002676 _____ C:\WINDOWS\System32\Tasks\IPTV-Aufnahme Teleclub 2016-08-07 14:25 - 2016-08-07 14:25 - 00002668 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2016-08-07 14:25 - 2016-08-07 14:25 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2016-08-07 14:25 - 2016-08-07 14:25 - 00002536 _____ C:\WINDOWS\System32\Tasks\SamsungMagician 2016-08-07 14:25 - 2016-08-07 14:25 - 00002494 _____ C:\WINDOWS\System32\Tasks\Samsung_PSSD_Registration 2016-08-07 14:25 - 2016-08-07 14:25 - 00002428 _____ C:\WINDOWS\System32\Tasks\PrivaZer_SkipUAC 2016-08-07 14:25 - 2016-08-07 14:25 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2016-08-07 14:25 - 2016-08-07 14:25 - 00002288 _____ C:\WINDOWS\System32\Tasks\RtHDVBg 2016-08-07 14:25 - 2016-08-07 14:25 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero 2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple 2016-08-07 14:23 - 2016-08-07 14:23 - 00000000 ____D C:\ProgramData\USOShared 2016-08-07 14:22 - 2016-08-07 14:22 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-08-07 14:20 - 2016-08-07 14:22 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-08-07 14:19 - 2016-08-21 19:49 - 00000000 ____D C:\Users\hochs 2016-08-07 14:19 - 2016-08-07 14:23 - 00000000 ____D C:\Users\Administrator 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Vorlagen 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Startmenü 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Netzwerkumgebung 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Lokale Einstellungen 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Eigene Dateien 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Druckumgebung 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Videos 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Musik 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Bilder 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Local\Verlauf 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Local\Anwendungsdaten 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Anwendungsdaten 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten 2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten 2016-08-07 14:18 - 2016-08-07 14:18 - 00317063 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat 2016-08-07 14:18 - 2016-08-07 14:18 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2016-08-07 14:18 - 2016-08-07 14:18 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\ProgramData\NVIDIA 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\Realtek 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\Elantech 2016-08-07 14:18 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-08-07 14:18 - 2016-06-03 05:59 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-08-07 14:18 - 2016-06-03 05:59 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-08-07 14:18 - 2016-06-03 05:59 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-08-07 14:17 - 2016-08-28 09:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-08-07 14:17 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-08-07 13:57 - 2016-08-07 13:59 - 00000036 _____ C:\WINDOWS\progress.ini 2016-08-07 13:51 - 2016-08-08 20:28 - 00000000 ____D C:\Windows10Upgrade 2016-08-07 13:51 - 2016-08-07 14:29 - 00000000 ___HD C:\$GetCurrent 2016-08-07 13:51 - 2016-08-07 13:51 - 00000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk 2016-08-07 13:51 - 2016-08-07 13:51 - 00000730 _____ C:\Users\hochs\Desktop\Windows 10-Upgrade-Assistent.lnk 2016-08-07 09:09 - 2016-08-07 09:09 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-08-07 09:09 - 2016-08-07 09:09 - 00001115 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-08-07 09:03 - 2016-08-19 19:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-08-07 08:47 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2016-08-07 08:47 - 2016-08-07 08:47 - 00001313 _____ C:\Users\Public\Desktop\Samsung Magician.lnk 2016-08-07 08:47 - 2016-08-07 08:47 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-08-07 08:46 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Portable SSD T3 2016-08-07 08:46 - 2016-08-07 08:46 - 00001729 _____ C:\Users\Public\Desktop\Samsung Portable SSD T3.lnk 2016-08-07 08:46 - 2016-08-07 08:46 - 00000000 ____D C:\ProgramData\Samsung Apps 2016-08-06 18:49 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2016-08-06 18:49 - 2016-08-06 18:49 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk 2016-08-06 18:49 - 2016-08-06 18:49 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk 2016-08-06 18:49 - 2016-08-06 18:49 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger 2016-08-06 18:12 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery 2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery 2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery 2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\Program Files (x86)\Elcomsoft 2016-08-06 11:42 - 2016-08-18 18:26 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp 2016-08-06 11:42 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-08-06 11:42 - 2016-08-06 11:42 - 00002253 _____ C:\Users\hochs\Desktop\WhatsApp.lnk 2016-08-06 11:42 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\WhatsApp 2016-08-06 10:16 - 2016-08-06 10:16 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll 2016-08-06 09:27 - 2016-08-20 10:41 - 00000000 ____D C:\xampp2 2016-08-06 09:19 - 2016-08-20 07:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-08-06 09:18 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2016-08-06 09:16 - 2016-08-20 10:41 - 00000000 ____D C:\xampp 2016-08-06 09:05 - 2016-08-06 09:05 - 00000000 ____D C:\Program Files (x86)\MySQL 2016-08-06 08:57 - 2016-08-20 10:37 - 00000000 ____D C:\Users\hochs\.mythtv 2016-08-06 08:57 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MythTV 2016-08-06 08:56 - 2016-08-06 08:57 - 00000000 ____D C:\Program Files (x86)\MythTV 2016-08-06 08:15 - 2016-08-20 13:56 - 00000000 ____D C:\ProgramData\Ad Muncher 2016-08-06 08:15 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher 2016-08-06 08:15 - 2016-08-06 08:15 - 00000000 ____D C:\Program Files (x86)\Ad Muncher 2016-08-05 17:50 - 2016-08-05 15:04 - 00217256 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys 2016-08-04 18:57 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot 2016-08-04 18:57 - 2016-08-04 18:57 - 00001184 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk 2016-08-04 18:57 - 2016-08-04 18:57 - 00000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot 2016-08-04 18:21 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-08-04 18:21 - 2016-08-04 18:21 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files\iTunes 2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files\iPod 2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-08-01 10:03 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot 2016-08-01 10:03 - 2016-08-01 10:03 - 00002164 _____ C:\Users\hochs\Desktop\FileBot.lnk 2016-08-01 10:03 - 2016-08-01 10:03 - 00000000 ____D C:\Program Files\FileBot 2016-07-31 23:01 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam 2016-07-31 22:57 - 2016-07-31 23:05 - 00000000 ____D C:\Users\hochs\AppData\Local\ManyCam 2016-07-31 22:51 - 2016-07-31 23:01 - 00001075 _____ C:\Users\Public\Desktop\ManyCam.lnk 2016-07-31 22:51 - 2016-07-31 22:51 - 00000000 ____D C:\ProgramData\ManyCam 2016-07-31 22:50 - 2016-07-31 23:02 - 00000000 ____D C:\Program Files (x86)\ManyCam 2016-07-31 16:33 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5 2016-07-31 16:33 - 2016-07-31 16:33 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache 2016-07-31 08:56 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip 2016-07-31 08:56 - 2016-07-31 08:56 - 00000836 _____ C:\Users\hochs\Desktop\PeaZip.lnk 2016-07-31 08:55 - 2016-07-31 08:59 - 00000000 ____D C:\Program Files\PeaZip 2016-07-31 08:45 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover 2016-07-31 08:45 - 2016-07-31 08:45 - 00001063 _____ C:\Users\Public\Desktop\Clover.lnk 2016-07-31 08:45 - 2016-07-31 08:45 - 00000000 ____D C:\Users\hochs\AppData\Local\Clover 2016-07-31 08:45 - 2016-07-31 08:45 - 00000000 ____D C:\Program Files (x86)\Clover 2016-07-31 07:21 - 2016-07-30 23:34 - 00001172 _____ C:\Users\hochs\Desktop\KaraFun Player 2 - Kopie.lnk 2016-07-31 00:59 - 2016-08-07 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games 2016-07-31 00:59 - 2016-07-31 00:59 - 00001519 _____ C:\Users\Public\Desktop\Unreal Tournament 3 Black Edition.lnk 2016-07-31 00:49 - 2016-08-14 12:18 - 00000000 ____D C:\Program Files (x86)\Epic Games 2016-07-30 23:34 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2 2016-07-30 23:34 - 2016-07-30 23:34 - 00001172 _____ C:\Users\hochs\Desktop\KaraFun Player 2.lnk 2016-07-30 23:34 - 2016-07-30 23:34 - 00000000 ____D C:\ProgramData\Recisio 2016-07-30 23:34 - 2016-07-30 23:34 - 00000000 ____D C:\Program Files (x86)\KaraFun Player 2 2016-07-30 11:57 - 2016-08-27 04:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-07-30 11:57 - 2016-08-26 16:05 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla 2016-07-30 11:57 - 2016-08-26 15:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-07-30 11:57 - 2016-08-26 15:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-07-30 11:57 - 2016-08-26 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-07-30 03:20 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-07-30 03:20 - 2016-07-30 03:20 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-08-28 11:30 - 2016-07-17 00:51 - 01719680 _____ C:\WINDOWS\system32\perfh007.dat 2016-08-28 11:30 - 2016-07-17 00:51 - 00429702 _____ C:\WINDOWS\system32\perfc007.dat 2016-08-28 11:30 - 2016-05-20 20:58 - 03711796 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-28 11:28 - 2016-07-16 08:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM 2016-08-28 11:28 - 2016-06-11 01:58 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-08-28 11:24 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive 2016-08-28 11:24 - 2016-05-20 21:05 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-08-28 11:23 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-08-28 11:19 - 2016-05-20 21:27 - 00070504 _____ C:\bdlog.txt 2016-08-28 10:36 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien 2016-08-28 09:55 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-08-28 09:48 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-08-28 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-28 09:25 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-28 04:07 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance 2016-08-28 03:09 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-28 01:20 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0 2016-08-27 17:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2016-08-27 08:06 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-08-26 11:20 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job 2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis 2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk 2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk 2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple 2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0 2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google 2016-08-22 18:34 - 2016-05-20 21:07 - 01603264 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2016-08-22 18:34 - 2016-05-20 21:07 - 00850464 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer 2016-08-21 07:36 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages 2016-08-21 07:18 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-21 04:03 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros 2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer 2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge 2016-08-20 14:42 - 2016-07-10 08:42 - 00000000 ____D C:\ProgramData\Overwolf 2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer 2016-08-20 10:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe 2016-08-20 10:38 - 2016-07-10 08:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Overwolf 2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms 2016-08-20 07:49 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-08-20 07:46 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe 2016-08-20 07:46 - 2016-05-21 05:47 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-08-18 02:42 - 2016-07-10 08:42 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-08-17 00:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-08-17 00:17 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-17 00:16 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-15 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk 2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG 2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest 2016-08-14 15:41 - 2016-07-16 07:48 - 00006664 _____ C:\WINDOWS\system32\Drivers\etc\hosts_PTBackup.bak 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-08-13 23:41 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox 2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs 2016-08-08 17:17 - 2016-07-05 19:50 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Lavasoft 2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-08-08 04:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat 2016-08-07 18:09 - 2016-05-20 21:09 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-08-07 15:23 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\VirtualStore 2016-08-07 15:17 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup 2016-08-07 15:17 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-08-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-08-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-08-07 15:14 - 2016-07-16 13:43 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe 2016-08-07 14:31 - 2016-05-20 20:55 - 00002398 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-07 14:31 - 2016-05-20 20:55 - 00000000 ___RD C:\Users\hochs\OneDrive 2016-08-07 14:29 - 2016-06-03 03:46 - 00000468 __RSH C:\ProgramData\ntuser.pol 2016-08-07 14:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT 2016-08-07 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-08-07 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration 2016-08-07 14:26 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2016-08-07 14:24 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-08-07 14:23 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-08-07 14:22 - 2016-07-24 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2016-08-07 14:22 - 2016-07-24 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Stream Recorder 2016-08-07 14:22 - 2016-07-24 01:08 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt 2016-08-07 14:22 - 2016-07-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2016-08-07 14:22 - 2016-07-20 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath Bria 4 2016-08-07 14:22 - 2016-07-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB 2016-08-07 14:22 - 2016-07-16 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Recorder 2016-08-07 14:22 - 2016-07-16 10:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gabriel Denys 2016-08-07 14:22 - 2016-07-16 10:36 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jan Sušnik 2016-08-07 14:22 - 2016-07-16 10:33 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2 2016-08-07 14:22 - 2016-07-16 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-08-07 14:22 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2016-08-07 14:22 - 2016-07-05 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-08-07 14:22 - 2016-06-22 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoNotSpy10 2016-08-07 14:22 - 2016-06-22 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock 2016-08-07 14:22 - 2016-06-22 08:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e 2016-08-07 14:22 - 2016-06-18 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform 2016-08-07 14:22 - 2016-06-12 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour-Druckdienste 2016-08-07 14:22 - 2016-06-11 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Network Inventory 3 2016-08-07 14:22 - 2016-06-11 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Network Monitor 2 2016-08-07 14:22 - 2016-06-11 01:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-08-07 14:22 - 2016-06-01 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyMDb 2016-08-07 14:22 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech 2016-08-07 14:22 - 2016-05-27 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-08-07 14:22 - 2016-05-23 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016 2016-08-07 14:22 - 2016-05-23 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016-08-07 14:22 - 2016-05-21 09:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2016-08-07 14:22 - 2016-05-21 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-08-07 14:22 - 2016-05-21 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2016-08-07 14:22 - 2016-05-21 05:41 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-07 14:22 - 2016-05-21 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-07 14:22 - 2016-05-20 21:35 - 00000000 ____D C:\Users\Default.migrated 2016-08-07 14:22 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-08-07 14:22 - 2016-05-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swisscom 2016-08-07 14:22 - 2016-05-20 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-08-07 14:22 - 2016-05-20 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016 2016-08-07 14:20 - 2016-07-24 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft 2016-08-07 14:20 - 2016-07-17 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger 2016-08-07 14:20 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR 2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-08-07 14:20 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-08-07 14:20 - 2016-06-12 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital 2016-08-07 14:20 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-08-07 14:20 - 2016-05-20 21:41 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-08-07 14:20 - 2016-05-20 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2016-08-07 14:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-08-07 14:19 - 2016-07-10 08:42 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-08-07 14:19 - 2016-07-01 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help 2016-08-07 13:54 - 2016-05-20 21:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-07 12:28 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe 2016-08-07 09:11 - 2016-05-20 21:30 - 00000000 ____D C:\Users\hochs\AppData\Local\F1E5964B-262A-4856-A13B-52D28ED9F3FF.aplzod 2016-08-07 08:47 - 2016-05-27 13:45 - 00000000 ____D C:\ProgramData\SAMSUNG 2016-08-06 10:21 - 2016-07-05 19:48 - 00000000 ____D C:\ProgramData\Oracle 2016-08-06 10:16 - 2016-07-12 20:23 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-08-06 10:16 - 2016-07-12 20:22 - 00000000 ____D C:\Program Files\Java 2016-08-06 10:16 - 2016-07-05 19:48 - 00000000 ____D C:\Users\hochs\.oracle_jre_usage 2016-08-06 10:16 - 2016-07-05 19:48 - 00000000 ____D C:\Program Files (x86)\Java 2016-08-06 10:15 - 2016-07-05 19:48 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-08-04 18:21 - 2016-05-20 21:26 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-07-31 22:23 - 2016-05-31 18:35 - 00000000 ____D C:\Users\hochs\Documents\Bluetooth Folder 2016-07-31 22:20 - 2016-05-27 19:48 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-07-31 22:20 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll 2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd 2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind 2016-05-20 21:09 - 2016-05-20 21:09 - 0427224 _____ () C:\ProgramData\1463771146.bdinstall.bin 2016-06-14 18:42 - 2016-06-14 18:42 - 0026778 _____ () C:\ProgramData\1465922534.bdinstall.bin 2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini 2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg Einige Dateien in TEMP: ==================== C:\Users\hochs\AppData\Local\Temp\libeay32.dll C:\Users\hochs\AppData\Local\Temp\msvcr120.dll C:\Users\hochs\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-19 05:59 ==================== Ende von FRST.txt ============================ |
|
28.08.2016, 11:04
| #2 |
| | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder VirusCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-08-2016
durchgeführt von hochs (28-08-2016 10:49:14)
Gestartet von C:\Users\hochs\Downloads\Programs
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Administrator - Enabled) => C:\Users\hochs
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Ad Muncher v4.94.34121 (Free) (HKLM-x32\...\Ad Muncher) (Version: - )
adbLink version 2.04 (HKLM-x32\...\{284C09DA-1752-4856-BE41-52D34D3DBD11}_is1) (Version: 2.04 - jocala.com)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.17 - Adobe Systems)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.8.9 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\CopyTrans Suite) (Version: 4.010 - WindSolutions)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.17.4597 - FreeDownloadManager.ORG)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iStripper Version 1.2.126 (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\iStripper_is1) (Version: 1.2.126 - Totem Entertainment)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
jv16 PowerTools X (HKLM-x32\...\jv16 PowerTools X) (Version: - Macecraft Software)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version: - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version: - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version: - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.31.0 - Overwolf Ltd.)
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version: - Giorgio Tani)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - )
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version: - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.4.0 - Alexander Miehlke Softwareentwicklung)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9 (HKLM-x32\...\winscp3_is1) (Version: 5.9 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {014A23F3-4FD2-4CC1-89F5-50C64F67DDA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {066A3A47-D27F-4DEF-9189-C6FB99B5B162} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2016-08-23] ()
Task: {0B31C88B-C034-447A-B8E0-8BF61BE68D8C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-16] (Realtek Semiconductor)
Task: {0FA1FC81-0D50-4851-AC9F-2C2EAE5040FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {194DD19D-B90E-4126-96BD-7E1DDE29E035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2151EF65-8E8C-444A-8F75-D90BB06DE0B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {314B3FC5-739D-47A9-8702-E033F3877F43} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {38A9EE0B-8E9C-4A01-82DC-40B6330F693F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-04-18] (Bitdefender)
Task: {3A2C9311-F1E6-4C8E-BC84-28963425BD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {4E1D73B5-F965-479D-97C5-33F034146192} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {52FFA039-7427-4D25-8CED-CBCD652C7577} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-08-14] (Overwolf LTD)
Task: {5AF9AC36-72BD-4969-B753-A860668E308B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {5BC4ABE8-3F33-480B-9295-269F26798125} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5C273A34-718A-4DB0-91C6-112B4C8BE155} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2016-08-07] (Samsung Electronics)
Task: {62DA9560-171B-40EF-8500-CA0D2108E695} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {69150610-66DB-492D-AA16-C7922304FAD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {691BB049-358D-418E-835D-54B7F92C2B96} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {6C75780B-C958-436F-9B36-56BD2DC44DDE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {78322402-802C-4E32-93A7-8BD20C1A6AD6} - System32\Tasks\IPTV-Aufnahme Teleclub => C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe [2016-01-19] (Apowersoft)
Task: {95397DA6-0DEF-4CC5-B6FA-635F80193EA2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {9C507C6A-0B3E-4E9D-87EF-435A16FD9D00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B6D11EBB-4770-4E55-B8A2-05125A2D3C70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {BC66FB7B-8212-43F2-A7CF-B334BAABAF3A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-27] (Microsoft Corporation)
Task: {BD932F3F-F960-4A3B-9146-CBF0CEA98DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C21528CB-8193-47C7-A21F-64C9F317D0C2} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe
Task: {C71A9BB8-F2FC-460A-92F8-10CB9CF6954D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CA58EC51-4051-4FD1-9F64-02DB8C292240} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {CB5F307D-E26B-43DC-B54B-8BC1B055C2BC} - System32\Tasks\HPCeeScheduleForhochs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {E627355A-F73B-4AF5-B3E1-3426007C6138} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {EDD95F92-D0AB-4058-8B1E-94FA1A272854} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-27] (Microsoft Corporation)
Task: {F2C68BBE-C583-44A9-8DDF-2EC7450F738A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\hochs\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.7\MinGW 5.3.0 (32-bit)\Qt 5.7 for Desktop (MinGW 5.3.0 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.7\mingw53_32\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.6\MinGW 4.9.2 (32-bit)\Qt 5.6 for Desktop (MinGW 4.9.2 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.6\mingw49_32\bin\qtenv2.bat
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-20 21:07 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-05-20 21:07 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-08-28 01:15 - 2016-08-23 20:27 - 00848896 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
2016-08-28 01:15 - 2016-08-23 20:24 - 00029696 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-25 18:26 - 2016-08-25 18:26 - 06086744 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-08-21 14:38 - 2016-08-21 14:38 - 01277688 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02513920 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02436096 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2016-08-20 08:45 - 2016-08-20 08:45 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-10 05:51 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-28 01:15 - 2016-06-28 19:14 - 02160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 12621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 02111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2016-08-28 01:15 - 2016-08-23 20:24 - 00099328 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winunivappfeatures.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 65771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 02129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 00087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-14 14:22 - 2016-08-10 14:19 - 00075776 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-08-21 14:37 - 2016-08-21 14:37 - 01516920 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2016-08-11 14:29 - 2016-08-11 14:29 - 09729272 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-27 08:08 - 2016-07-01 09:02 - 00257872 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
2016-05-20 21:07 - 2016-07-01 16:30 - 00521112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2016-05-20 21:07 - 2016-04-05 16:31 - 00159232 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2016-05-20 21:07 - 2016-05-12 17:48 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2016-05-20 21:07 - 2016-05-12 17:48 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2016-05-20 21:07 - 2016-07-01 16:30 - 00061392 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2016-08-10 05:51 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-10 05:51 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-10 05:51 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-10 05:51 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-10 05:51 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-27 07:02 - 2016-07-22 08:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 03847320 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2016-08-03 15:47 - 2016-08-03 15:47 - 00685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2016-08-21 15:05 - 2016-08-21 15:05 - 20655296 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00391088 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-07-23 17:15 - 2016-07-23 17:15 - 00129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-08-11 14:14 - 2016-08-11 14:14 - 00248752 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-06-14 17:24 - 2016-06-14 17:24 - 00444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-06-22 09:16 - 2016-06-22 09:16 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-08-07 08:47 - 2016-05-13 01:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 01942016 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\ffmpeg.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 02196480 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libglesv2.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 00080384 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libegl.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 06068656 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00049072 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-07-11 12:34 - 2016-07-11 12:34 - 20925320 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCLR.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00047616 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_signals-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00016896 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_system-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 11112904 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCAPI2_SharedLibrary.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00084480 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_thread-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00633856 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_regex-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00104960 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_filesystem-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00041984 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_date_time-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 00199168 _____ () C:\Program Files (x86)\CounterPath\Bria 4\G729AsDLL.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00025600 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_chrono-vc110-mt-1_58.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01006080 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 53437440 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libcef.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00049424 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_thread-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00048400 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_date_time-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00068504 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashRpt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00618256 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_regex-vc90-mt-1_39.dll
2016-06-09 10:28 - 2016-06-09 10:28 - 00544152 _____ () C:\Program Files (x86)\Audials\Audials 2016\StreamingClient.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00016144 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_system-vc90-mt-1_39.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00340992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\253112fb994d35639dccd8cfd4d8ea44\Utils.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00549888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\c2038fe4c76d7c29e7c8c678ce57ce9b\ManagedInterfaces.ni.dll
2016-08-14 01:26 - 2016-08-14 01:26 - 04721664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\0cbf997999fb8e51109670cf37d0e1f5\AudialsComponents.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00774144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\310fef0d63d899fee88ad0282663d230\RSControls.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00177664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\63dae86ea47483367bae63c22fd55c56\fastJSON.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\a68af5e6e5d69b9e255d6b41d82c7688\CrashHandlerNET.ni.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00040856 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashHandlerNET.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00683520 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01976832 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libglesv2.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00075264 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libegl.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\Acrotray.deu
2016-08-14 15:18 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-08-14 15:18 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-22 11:27 - 2016-06-22 11:27 - 00217008 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2016-07-02 21:30 - 2016-07-02 21:30 - 00376240 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll
2016-03-09 10:28 - 2016-03-09 10:28 - 00042416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2016-08-28 09:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-28 09:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-08-28 09:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-28 09:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-28 09:39 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2014-02-15 16:29 - 2014-02-15 16:29 - 01853440 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtCore.pyd
2014-02-15 16:25 - 2014-02-15 16:25 - 00110592 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pyside-python2.7.dll
2014-02-15 16:24 - 2014-02-15 16:24 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\shiboken-python2.7.dll
2014-02-15 16:47 - 2014-02-15 16:47 - 06947328 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtGui.pyd
2016-08-06 18:49 - 2015-03-27 18:24 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll
2016-08-06 18:49 - 2016-06-02 00:06 - 02226688 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll
2016-08-26 16:02 - 2016-08-26 16:02 - 01114136 _____ () C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\da9e.tmp:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre (1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\sdfree.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\SlimDrivers-setup.exe:BDU [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 07:48 - 2016-08-28 09:46 - 00894386 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 local
Da befinden sich 29468 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2615813048-3284018108-3599952075-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B4E61C76-7673-488F-A116-49FCE5D5562C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1ACFA3B3-DFF8-4530-8B59-132842D75DD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C5918D25-ACC2-4745-BE52-06B22FAF943E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F5A95913-3636-4E67-89AB-D9161B718754}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E60F03FC-5F55-4EEA-A53B-C707E1158D5F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
26-08-2016 15:38:19 Geplanter Prüfpunkt
28-08-2016 09:55:31 Installed Oracle VM VirtualBox 5.0.20_Sirrix
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:39:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:38:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:38:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:37:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:37:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:37:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (08/28/2016 10:36:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Systemfehler:
=============
Error: (08/28/2016 09:33:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/28/2016 09:33:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/28/2016 09:33:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/28/2016 09:32:58 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (08/28/2016 09:32:58 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (08/28/2016 09:32:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VSSERV erreicht.
Error: (08/28/2016 09:32:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: {CEFF45EE-C862-41DE-AEE2-A022C81EDA92}
Error: (08/28/2016 09:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/28/2016 09:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/28/2016 09:30:37 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 26538.31 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 25158.32 MB
==================== Laufwerke ================================
Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:73.91 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:103.29 GB) NTFS
Drive w: (web) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS
Drive x: (TV Recording) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS
Drive y: (Videos) (Network) (Total:3663.13 GB) (Free:3160.3 GB) NTFS
Drive z: (video) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 5B98F280)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
30.08.2016, 08:09
| #3 |
| /// Malwareteam  | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Posten in CODE-Tags  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Los gehts! Das erste FRST-Log ist nicht vollständig. Spybot Search and Destroy würde ich jetzt nicht unbedingt empfehlen. Schritt # 1: TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt # 2: Bitte Posten
__________________ |
|
03.09.2016, 08:37
| #4 |
| | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Lieber Dennis Hier das Logfile von TSKILLER 1. Teil Code:
ATTFilter 09:22:54.0268 0x6b784 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
09:22:54.0268 0x6b784 UEFI system
09:22:57.0309 0x6b784 ============================================================
09:22:57.0309 0x6b784 Current date / time: 2016/09/03 09:22:57.0309
09:22:57.0310 0x6b784 SystemInfo:
09:22:57.0310 0x6b784
09:22:57.0310 0x6b784 OS Version: 10.0.14393 ServicePack: 0.0
09:22:57.0310 0x6b784 Product type: Workstation
09:22:57.0310 0x6b784 ComputerName: DESKTOP-GBIJB17
09:22:57.0310 0x6b784 UserName: admin
09:22:57.0311 0x6b784 Windows directory: C:\WINDOWS
09:22:57.0311 0x6b784 System windows directory: C:\WINDOWS
09:22:57.0311 0x6b784 Running under WOW64
09:22:57.0311 0x6b784 Processor architecture: Intel x64
09:22:57.0311 0x6b784 Number of processors: 8
09:22:57.0311 0x6b784 Page size: 0x1000
09:22:57.0311 0x6b784 Boot type: Normal boot
09:22:57.0311 0x6b784 CodeIntegrityOptions = 0x00000001
09:22:57.0311 0x6b784 ============================================================
09:22:57.0409 0x6b784 KLMD registered as C:\WINDOWS\system32\drivers\01324397.sys
09:22:57.0409 0x6b784 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.82, osProperties = 0x19
09:22:57.0555 0x6b784 System UUID: {002C4BDC-1A3F-BA68-F7C2-FC488927941E}
09:22:58.0029 0x6b784 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:22:58.0029 0x6b784 Drive \Device\Harddisk1\DR1 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:22:58.0065 0x6b784 ============================================================
09:22:58.0066 0x6b784 \Device\Harddisk0\DR0:
09:22:58.0066 0x6b784 GPT partitions:
09:22:58.0066 0x6b784 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0F8ADA34-56F9-4300-BCCB-BE087D1D0DFD}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
09:22:58.0066 0x6b784 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C1A65E69-8C24-4562-8C4B-6AE577730CB0}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
09:22:58.0066 0x6b784 MBR partitions:
09:22:58.0066 0x6b784 \Device\Harddisk1\DR1:
09:22:58.0066 0x6b784 GPT partitions:
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {22A35F56-058F-4F85-B0DA-971E23248B92}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {286A3D8A-EB66-4C20-B03D-4FD9622524A8}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E233DDD9-35E4-4C1B-B2C4-911C1F1BC446}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2196C8DD-49A6-40B0-8B17-2B54BC5B3E1E}, Name: , StartLBA 0x108800, BlocksNum 0x2F98AFFD
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {715E91B4-AC5E-4C79-B199-17AC748DE4A5}, Name: , StartLBA 0x2FA93800, BlocksNum 0xE1000
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {0FC63DAF-8483-4772-8E79-3D69D8477DE4}, UniqueGUID: {7588D454-8CF2-459A-9CD4-1E8A4D718B48}, Name: , StartLBA 0x2FB74800, BlocksNum 0x7E86000
09:22:58.0067 0x6b784 \Device\Harddisk1\DR1\Partition7: GPT, TypeGUID: {0657FD6D-A4AB-43C4-84E5-0933C84B4F4F}, UniqueGUID: {D978BBAB-B2AB-4C9F-BA9F-142148D03BCA}, Name: , StartLBA 0x379FA800, BlocksNum 0x3FE6800
09:22:58.0067 0x6b784 MBR partitions:
09:22:58.0067 0x6b784 ============================================================
09:22:58.0068 0x6b784 C: <-> \Device\Harddisk1\DR1\Partition4
09:22:58.0071 0x6b784 D: <-> \Device\Harddisk0\DR0\Partition2
09:22:58.0071 0x6b784 ============================================================
09:22:58.0071 0x6b784 Initialize success
09:22:58.0071 0x6b784 ============================================================
09:23:22.0934 0x6b560 ============================================================
09:23:22.0934 0x6b560 Scan started
09:23:22.0935 0x6b560 Mode: Manual; SigCheck; TDLFS;
09:23:22.0935 0x6b560 ============================================================
09:23:22.0935 0x6b560 KSN ping started
09:23:22.0974 0x6b560 KSN ping finished: true
09:23:26.0345 0x6b560 ================ Scan system memory ========================
09:23:26.0346 0x6b560 System memory - ok
09:23:26.0346 0x6b560 ================ Scan services =============================
09:23:26.0376 0x6b560 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
09:23:26.0415 0x6b560 1394ohci - ok
09:23:26.0423 0x6b560 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
09:23:26.0435 0x6b560 3ware - ok
09:23:26.0449 0x6b560 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
09:23:26.0476 0x6b560 ACPI - ok
09:23:26.0480 0x6b560 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
09:23:26.0494 0x6b560 AcpiDev - ok
09:23:26.0500 0x6b560 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
09:23:26.0513 0x6b560 acpiex - ok
09:23:26.0517 0x6b560 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
09:23:26.0529 0x6b560 acpipagr - ok
09:23:26.0533 0x6b560 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
09:23:26.0547 0x6b560 AcpiPmi - ok
09:23:26.0551 0x6b560 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
09:23:26.0564 0x6b560 acpitime - ok
09:23:26.0592 0x6b560 [ 3B4FDD0E324492636F5E093A32718E8F, 971F5B42BDCA6BCFA3D36761F65C62625BDAF109812D819702AB8ACE811A99E5 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
09:23:26.0624 0x6b560 AcrSch2Svc - ok
09:23:26.0631 0x6b560 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:23:26.0639 0x6b560 AdobeARMservice - ok
09:23:26.0656 0x6b560 [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:23:26.0669 0x6b560 AdobeFlashPlayerUpdateSvc - ok
09:23:26.0694 0x6b560 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:23:26.0728 0x6b560 ADP80XX - ok
09:23:26.0845 0x6b560 [ 276E1A64159AB954C8C0DE9E73028AF7, F305E2BF794AAAAB27607D052255646747BBF45AF89723816F440B5D72968E37 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
09:23:26.0971 0x6b560 afcdpsrv - ok
09:23:26.0990 0x6b560 [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD C:\WINDOWS\system32\drivers\afd.sys
09:23:27.0012 0x6b560 AFD - ok
09:23:27.0056 0x6b560 [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
09:23:27.0102 0x6b560 AGSService - ok
09:23:27.0112 0x6b560 [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:23:27.0130 0x6b560 ahcache - ok
09:23:27.0134 0x6b560 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll
09:23:27.0144 0x6b560 AJRouter - ok
09:23:27.0149 0x6b560 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe
09:23:27.0164 0x6b560 ALG - ok
09:23:27.0174 0x6b560 [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
09:23:27.0192 0x6b560 AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
09:23:27.0225 0x6b560 Detect skipped due to KSN trusted
09:23:27.0225 0x6b560 AllShare Framework DMS - ok
09:23:27.0230 0x6b560 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
09:23:27.0244 0x6b560 AmdK8 - ok
09:23:27.0249 0x6b560 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
09:23:27.0263 0x6b560 AmdPPM - ok
09:23:27.0268 0x6b560 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
09:23:27.0278 0x6b560 amdsata - ok
09:23:27.0286 0x6b560 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
09:23:27.0304 0x6b560 amdsbs - ok
09:23:27.0308 0x6b560 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
09:23:27.0317 0x6b560 amdxata - ok
09:23:27.0339 0x6b560 [ 6AFF881E38E4C984131358A0F215401F, C26E5715E62BAED5FEA4EB0110975A3C9A235D93F0F3408D418BBCCFCFA36BCB ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
09:23:27.0373 0x6b560 AntiVirMailService - ok
09:23:27.0386 0x6b560 [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
09:23:27.0402 0x6b560 AntiVirSchedulerService - ok
09:23:27.0413 0x6b560 [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
09:23:27.0426 0x6b560 AntiVirService - ok
09:23:27.0454 0x6b560 [ DFAA497B31EB75657F90017D67588DB5, 022E02E5A663B622E07CA17498CEDCA568CE2F593569D6CD88831D5C2111F0EB ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
09:23:27.0489 0x6b560 AntiVirWebService - ok
09:23:27.0493 0x6b560 [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
09:23:27.0501 0x6b560 Apowersoft_AudioDevice - ok
09:23:27.0506 0x6b560 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys
09:23:27.0520 0x6b560 AppID - ok
09:23:27.0526 0x6b560 [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
09:23:27.0543 0x6b560 AppIDSvc - ok
09:23:27.0548 0x6b560 [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo C:\WINDOWS\System32\appinfo.dll
09:23:27.0564 0x6b560 Appinfo - ok
09:23:27.0570 0x6b560 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:23:27.0577 0x6b560 Apple Mobile Device Service - ok
09:23:27.0580 0x6b560 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
09:23:27.0595 0x6b560 applockerfltr - ok
09:23:27.0602 0x6b560 [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:23:27.0618 0x6b560 AppMgmt - ok
09:23:27.0630 0x6b560 [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
09:23:27.0663 0x6b560 AppReadiness - ok
09:23:27.0682 0x6b560 [ 1C37C4C7172DFF2B1824F063C4527E71, 9F3C3906CB71A8AD5C63F12A9CC2495BE062366E136D389FCBCF5F40AFA7DEAB ] AppVClient C:\WINDOWS\system32\AppVClient.exe
09:23:27.0708 0x6b560 AppVClient - ok
09:23:27.0713 0x6b560 [ FC51FBAF73621601693DA24262353DE3, 147A5F185724E76C7E4EC6FA829A0311773B6A77B8F0A7953C1E6073AD5F4F94 ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
09:23:27.0726 0x6b560 AppvStrm - ok
09:23:27.0732 0x6b560 [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
09:23:27.0743 0x6b560 AppvVemgr - ok
09:23:27.0749 0x6b560 [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
09:23:27.0761 0x6b560 AppvVfs - ok
09:23:27.0804 0x6b560 [ 757646A22C2E9BC21E6A50842FE79139, 6AEBD3486F79C55154D677204D0CCB8179DAFC90941A743D277B44C1EED9DB12 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
09:23:27.0892 0x6b560 AppXSvc - ok
09:23:27.0900 0x6b560 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
09:23:27.0910 0x6b560 arcsas - ok
09:23:27.0914 0x6b560 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
09:23:27.0926 0x6b560 AsyncMac - ok
09:23:27.0929 0x6b560 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
09:23:27.0941 0x6b560 atapi - ok
09:23:27.0947 0x6b560 [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
09:23:27.0954 0x6b560 AthBTPort - ok
09:23:27.0962 0x6b560 [ 18BDDA150B814F6EC8477499470F76CE, FD78EFC593288FE4F41ADBEBFF0DAB00C0DF0D3802BBD7B41DCCBFF8C5BF5525 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:23:27.0980 0x6b560 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:23:28.0013 0x6b560 Detect skipped due to KSN trusted
09:23:28.0013 0x6b560 AtherosSvc - ok
09:23:28.0087 0x6b560 [ 9E6592755C8A8C2C716FBC36D49D7D43, 51A86935971D2E62E8902769B503201C4FA69E08C822B66DBDDD3A42585BABE2 ] athr C:\WINDOWS\System32\drivers\athw10x.sys
09:23:28.0178 0x6b560 athr - ok
09:23:28.0191 0x6b560 [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:23:28.0212 0x6b560 AudioEndpointBuilder - ok
09:23:28.0229 0x6b560 [ 57CEE51D9D84870F93D404302705A054, 14364B9798E9FE3F8A42109D749804795FA507C1A7D535DC17876ECCD47644E9 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
09:23:28.0272 0x6b560 Audiosrv - ok
09:23:28.0279 0x6b560 [ AA0F13E719C3C527287AD87E9205F4D9, 818AB6B2B9AF0ABA28954A142527CE71C25CC24DDC64581EF7117CA88C6CF302 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:23:28.0287 0x6b560 avgntflt - ok
09:23:28.0294 0x6b560 [ 9039B209BA877AF088288DB83C18D3D8, 11EC0E195A735A7599C74DD25A00F86BD44AEBAE6C20D9A995DCEB252887679E ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:23:28.0304 0x6b560 avipbb - ok
09:23:28.0312 0x6b560 [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
09:23:28.0323 0x6b560 Avira.ServiceHost - ok
09:23:28.0331 0x6b560 [ 6F08E7D6AA35DD33EC1026A809D55166, 51D2C63319522CA96D61F9722DF4E4852176F39230A3A2DE96CECE5EE99D6629 ] AviraPhantomVPN C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
09:23:28.0341 0x6b560 AviraPhantomVPN - ok
09:23:28.0344 0x6b560 [ F830C969F1F1ACBBA8C862F9A196C7B3, F64DCC79EBD2272F08C1A25F205F9B1C92629943F089ECA4DFB3FC44D0961B9F ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
09:23:28.0352 0x6b560 AviraUpdaterService - ok
09:23:28.0356 0x6b560 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:23:28.0365 0x6b560 avkmgr - ok
09:23:28.0370 0x6b560 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
09:23:28.0377 0x6b560 avnetflt - ok
09:23:28.0382 0x6b560 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
09:23:28.0399 0x6b560 AxInstSV - ok
09:23:28.0411 0x6b560 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
09:23:28.0432 0x6b560 b06bdrv - ok
09:23:28.0436 0x6b560 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:23:28.0450 0x6b560 BasicDisplay - ok
09:23:28.0453 0x6b560 [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
09:23:28.0465 0x6b560 BasicRender - ok
09:23:28.0470 0x6b560 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
09:23:28.0481 0x6b560 bcmfn - ok
09:23:28.0485 0x6b560 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
09:23:28.0496 0x6b560 bcmfn2 - ok
09:23:28.0505 0x6b560 [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
09:23:28.0529 0x6b560 BDESVC - ok
09:23:28.0533 0x6b560 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:23:28.0546 0x6b560 Beep - ok
09:23:28.0562 0x6b560 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll
09:23:28.0600 0x6b560 BFE - ok
09:23:28.0617 0x6b560 [ DEEDB9C7504B423FFA3AEFF986A687B0, 96E7F43D0A18AEF6C7FEACCE0D26AD49B47C0DF90B9D9503F567D782777977BD ] BitBoxService C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
09:23:28.0643 0x6b560 BitBoxService - detected UnsignedFile.Multi.Generic ( 1 )
09:23:28.0681 0x6b560 Detect skipped due to KSN trusted
09:23:28.0681 0x6b560 BitBoxService - ok
09:23:28.0702 0x6b560 [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS C:\WINDOWS\System32\qmgr.dll
09:23:28.0748 0x6b560 BITS - ok
09:23:28.0761 0x6b560 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:23:28.0773 0x6b560 Bonjour Service - ok
09:23:28.0779 0x6b560 [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
09:23:28.0792 0x6b560 bowser - ok
09:23:28.0810 0x6b560 [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:23:28.0843 0x6b560 BrokerInfrastructure - ok
09:23:28.0850 0x6b560 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll
09:23:28.0865 0x6b560 Browser - ok
09:23:28.0875 0x6b560 [ 4DCAF7A846AAABA6D3565F827A917576, 543D6436283C315103BDE557794A740D61A3BEA773D8CD413143F801E94955B9 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
09:23:28.0886 0x6b560 BTATH_A2DP - ok
09:23:28.0891 0x6b560 [ 1D175D11CEC6B7D4C53CBA1CFFC126E8, 38170E4616140CF68D8C59EC4D478E5AF76642A3CA00E4DB7EB019AD23147051 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
09:23:28.0898 0x6b560 btath_avdt - ok
09:23:28.0902 0x6b560 [ 32507307D899CDCA4173F210BC70A796, DFA643BEB06C672EDBDB4333040CE49A31E82EA026D5ACCACBD9ABBED11BF8CA ] BTATH_BUS C:\WINDOWS\system32\drivers\btath_bus.sys
09:23:28.0913 0x6b560 BTATH_BUS - ok
09:23:28.0919 0x6b560 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
09:23:28.0928 0x6b560 BTATH_HCRP - ok
09:23:28.0932 0x6b560 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
09:23:28.0938 0x6b560 BTATH_LWFLT - ok
09:23:28.0943 0x6b560 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
09:23:28.0951 0x6b560 BTATH_RCP - ok
09:23:28.0965 0x6b560 [ CD5B031E0A313CCFF6DCF54E9F732FF7, FD07B233943902E3A10EAEF1D76C703E8365A9CD60C60BB4786F85E8663560FA ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
09:23:28.0986 0x6b560 BtFilter - ok
09:23:28.0991 0x6b560 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:23:29.0002 0x6b560 BthAvrcpTg - ok
09:23:29.0008 0x6b560 [ FF218FBB511B733F8A6829FB17CA972D, 05BB1C3BFE189549E78A02C5C0C0C832C248680668D821F92FE7B6B39DC111A0 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
09:23:29.0021 0x6b560 BthEnum - ok
09:23:29.0025 0x6b560 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
09:23:29.0039 0x6b560 BthHFEnum - ok
09:23:29.0042 0x6b560 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
09:23:29.0054 0x6b560 bthhfhid - ok
09:23:29.0062 0x6b560 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
09:23:29.0083 0x6b560 BthHFSrv - ok
09:23:29.0090 0x6b560 [ 8EDA0733FF6266C2FB26BCE0B4AA8B15, F60BE5630EE714B718233933DC6101130DF672A01F99C7389D0708BC00E8D5DF ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
09:23:29.0110 0x6b560 BthLEEnum - ok
09:23:29.0114 0x6b560 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
09:23:29.0126 0x6b560 BTHMODEM - ok
09:23:29.0132 0x6b560 [ D2A121586B660311B09964D2A6DDF864, 539953D953D40014366918BB38FADD3F21417EF8ADA532E1ABD1824949B952D4 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
09:23:29.0145 0x6b560 BthPan - ok
09:23:29.0166 0x6b560 [ E465D7F6F3E4CA9F0E5FB6FD346F2F3D, 8F01051202903E8E16A6AE42B3F5F900C4D0B021311AE44225E8D11BE48DB129 ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys
09:23:29.0204 0x6b560 BTHPORT - ok
09:23:29.0212 0x6b560 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll
09:23:29.0226 0x6b560 bthserv - ok
09:23:29.0231 0x6b560 [ 7E844E3B520CA7873674D36286BC380F, 8B2A079B59625754D4CDFC486FC606B036B063DB382F6449A0CB69C5675F7A8A ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
09:23:29.0244 0x6b560 BTHUSB - ok
09:23:29.0249 0x6b560 [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum C:\WINDOWS\System32\drivers\busenum.sys
09:23:29.0256 0x6b560 busenum - ok
09:23:29.0259 0x6b560 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:23:29.0271 0x6b560 buttonconverter - ok
09:23:29.0277 0x6b560 [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
09:23:29.0292 0x6b560 CapImg - ok
09:23:29.0296 0x6b560 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:23:29.0310 0x6b560 cdfs - ok
09:23:29.0320 0x6b560 [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
09:23:29.0349 0x6b560 CDPSvc - ok
09:23:29.0358 0x6b560 [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
09:23:29.0380 0x6b560 CDPUserSvc - ok
09:23:29.0388 0x6b560 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
09:23:29.0405 0x6b560 cdrom - ok
09:23:29.0412 0x6b560 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
09:23:29.0433 0x6b560 CertPropSvc - ok
09:23:29.0437 0x6b560 [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
09:23:29.0445 0x6b560 chip1click - detected UnsignedFile.Multi.Generic ( 1 )
09:23:29.0546 0x6b560 chip1click ( UnsignedFile.Multi.Generic ) - warning
09:23:29.0638 0x6b560 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
09:23:29.0656 0x6b560 cht4iscsi - ok
09:23:29.0696 0x6b560 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
09:23:29.0749 0x6b560 cht4vbd - ok
09:23:29.0756 0x6b560 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
09:23:29.0768 0x6b560 circlass - ok
09:23:29.0776 0x6b560 [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
09:23:29.0794 0x6b560 CLFS - ok
09:23:29.0811 0x6b560 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
09:23:29.0837 0x6b560 ClipSVC - ok
09:23:29.0845 0x6b560 [ 6DAB146CFE7B5EE2A691F1139AD570E6, 9D252E7A3906F28A197A1F4243D59DA82FE51F526F39C55635D9BBE30AB5191A ] Cloud Station Backup VSS Service x64 C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
09:23:29.0857 0x6b560 Cloud Station Backup VSS Service x64 - ok
09:23:29.0865 0x6b560 [ 45D908483D6BDE0B618E0351EBB29973, 2B8F884663C8AB07F0CAE606C8BC3DEC9D961AC1EE1B78E7832CCF6164C431EF ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
09:23:29.0875 0x6b560 Cloud Station Drive VSS Service x64 - ok
09:23:29.0880 0x6b560 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys
09:23:29.0894 0x6b560 clreg - ok
09:23:29.0905 0x6b560 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
09:23:29.0918 0x6b560 CmBatt - ok
09:23:29.0931 0x6b560 [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG C:\WINDOWS\system32\Drivers\cng.sys
09:23:29.0955 0x6b560 CNG - ok
09:23:29.0959 0x6b560 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:23:29.0969 0x6b560 cnghwassist - ok
09:23:29.0979 0x6b560 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
09:23:29.0990 0x6b560 CompositeBus - ok
09:23:29.0993 0x6b560 COMSysApp - ok
09:23:29.0997 0x6b560 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
09:23:30.0008 0x6b560 condrv - ok
09:23:30.0023 0x6b560 [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:23:30.0050 0x6b560 CoreMessagingRegistrar - ok
09:23:30.0058 0x6b560 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
09:23:30.0078 0x6b560 CryptSvc - ok
09:23:30.0091 0x6b560 [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC C:\WINDOWS\system32\drivers\csc.sys
09:23:30.0121 0x6b560 CSC - ok
09:23:30.0136 0x6b560 [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService C:\WINDOWS\System32\cscsvc.dll
09:23:30.0168 0x6b560 CscService - ok
09:23:30.0173 0x6b560 [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam C:\WINDOWS\system32\drivers\dam.sys
09:23:30.0182 0x6b560 dam - ok
09:23:30.0202 0x6b560 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:23:30.0244 0x6b560 DcomLaunch - ok
09:23:30.0251 0x6b560 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
09:23:30.0272 0x6b560 DcpSvc - ok
09:23:30.0285 0x6b560 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
09:23:30.0315 0x6b560 defragsvc - ok
09:23:30.0327 0x6b560 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:23:30.0352 0x6b560 DeviceAssociationService - ok
09:23:30.0357 0x6b560 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
09:23:30.0380 0x6b560 DeviceInstall - ok
09:23:30.0384 0x6b560 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
09:23:30.0396 0x6b560 DevQueryBroker - ok
09:23:30.0402 0x6b560 [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
09:23:30.0416 0x6b560 Dfsc - ok
09:23:30.0429 0x6b560 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
09:23:30.0452 0x6b560 Dhcp - ok
09:23:30.0457 0x6b560 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:23:30.0474 0x6b560 diagnosticshub.standardcollector.service - ok
09:23:30.0509 0x6b560 [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
09:23:30.0586 0x6b560 DiagTrack - ok
09:23:30.0598 0x6b560 [ BB5B80616BD01A9C59BF1D52BA238EDA, 8168F38127EC955B25AD4EF61081D86473E4959F797F68055E6210080EFEFF9F ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
09:23:30.0611 0x6b560 DigitalWave.Update.Service - ok
09:23:30.0621 0x6b560 [ 861BF9D0F3B7AD653D514F32A0496DAD, 964C20FEA1619BB73E8D764EE35831B21C5010490F46BA739AB0F9C1ACDADDDC ] Disconnect Desktop Updater C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe
09:23:30.0635 0x6b560 Disconnect Desktop Updater - ok
09:23:30.0644 0x6b560 [ 5044AC5503227F576AA6EFD01BBCBDF8, 56D7ACFB9B2A3DCBE10A94EB10A4D55EBBECA1A5888A0546460AC2F383E20337 ] disconnect-openvpn C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe
09:23:30.0655 0x6b560 disconnect-openvpn - ok
09:23:30.0660 0x6b560 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys
09:23:30.0670 0x6b560 disk - ok
09:23:30.0679 0x6b560 [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:23:30.0709 0x6b560 DmEnrollmentSvc - ok
09:23:30.0714 0x6b560 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
09:23:30.0724 0x6b560 dmvsc - ok
09:23:30.0729 0x6b560 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:23:30.0748 0x6b560 dmwappushservice - ok
09:23:30.0756 0x6b560 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:23:30.0781 0x6b560 Dnscache - ok
09:23:30.0790 0x6b560 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll
09:23:30.0808 0x6b560 dot3svc - ok
09:23:30.0814 0x6b560 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll
09:23:30.0828 0x6b560 DPS - ok
09:23:30.0832 0x6b560 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:23:30.0840 0x6b560 drmkaud - ok
09:23:30.0847 0x6b560 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:23:30.0864 0x6b560 DsmSvc - ok
09:23:30.0870 0x6b560 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
09:23:30.0889 0x6b560 DsSvc - ok
09:23:30.0893 0x6b560 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\WINDOWS\System32\drivers\dtlitescsibus.sys
09:23:30.0901 0x6b560 dtlitescsibus - ok
09:23:30.0905 0x6b560 [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\WINDOWS\System32\drivers\dtliteusbbus.sys
09:23:30.0913 0x6b560 dtliteusbbus - ok
09:23:30.0954 0x6b560 [ A90C76FB62526DEB5A5557A8839841AB, 939BDA8A4F73E834A319D45C97B0892B0A44886A9191BA20D1121622BAE413FA ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:23:31.0014 0x6b560 DXGKrnl - ok
09:23:31.0022 0x6b560 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:23:31.0040 0x6b560 EapHost - ok
09:23:31.0096 0x6b560 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:23:31.0187 0x6b560 ebdrv - ok
09:23:31.0194 0x6b560 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS C:\WINDOWS\System32\lsass.exe
09:23:31.0210 0x6b560 EFS - ok
09:23:31.0215 0x6b560 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:23:31.0224 0x6b560 EhStorClass - ok
09:23:31.0230 0x6b560 [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:23:31.0240 0x6b560 EhStorTcgDrv - ok
09:23:31.0246 0x6b560 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
09:23:31.0265 0x6b560 embeddedmode - ok
09:23:31.0274 0x6b560 [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:23:31.0301 0x6b560 EntAppSvc - ok
09:23:31.0304 0x6b560 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:23:31.0314 0x6b560 ErrDev - ok
09:23:31.0327 0x6b560 [ D7F2456FD9FD5EE822E14CA7144A3C04, 463720792F1C36762DC083B5E622F5AF55B2ECE684AFC229555D9A55290ACB06 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
09:23:31.0345 0x6b560 ETD - ok
09:23:31.0357 0x6b560 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll
09:23:31.0385 0x6b560 EventSystem - ok
09:23:31.0394 0x6b560 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:23:31.0420 0x6b560 exfat - ok
09:23:31.0429 0x6b560 [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:23:31.0454 0x6b560 fastfat - ok
09:23:31.0469 0x6b560 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe
09:23:31.0506 0x6b560 Fax - ok
09:23:31.0510 0x6b560 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:23:31.0521 0x6b560 fdc - ok
09:23:31.0525 0x6b560 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:23:31.0541 0x6b560 fdPHost - ok
09:23:31.0545 0x6b560 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:23:31.0559 0x6b560 FDResPub - ok
09:23:31.0564 0x6b560 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:23:31.0582 0x6b560 fhsvc - ok
09:23:31.0587 0x6b560 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
09:23:31.0601 0x6b560 FileCrypt - ok
09:23:31.0605 0x6b560 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:23:31.0615 0x6b560 FileInfo - ok
09:23:31.0619 0x6b560 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:23:31.0633 0x6b560 Filetrace - ok
09:23:31.0642 0x6b560 [ 14096194A0FDD9D4110760C507D37BC3, 2BBB8104E32C38A5EF175267A7BC89A948443D4D1F3F52EEFC7C9ED15727F4CD ] file_tracker C:\WINDOWS\system32\DRIVERS\file_tracker.sys
09:23:31.0655 0x6b560 file_tracker - ok
09:23:31.0658 0x6b560 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:23:31.0671 0x6b560 flpydisk - ok
09:23:31.0680 0x6b560 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:23:31.0696 0x6b560 FltMgr - ok
09:23:31.0703 0x6b560 [ 66FAC908C2342B1348745DC438A149CE, C66372966EEA40470489DE8995A51F388015007292566DF840B265123F84111C ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
09:23:31.0713 0x6b560 fltsrv - ok
09:23:31.0746 0x6b560 [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache C:\WINDOWS\system32\FntCache.dll
09:23:31.0810 0x6b560 FontCache - ok
09:23:31.0816 0x6b560 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:23:31.0830 0x6b560 FontCache3.0.0.0 - ok
09:23:31.0848 0x6b560 [ B6848AE7BF5BD5182075D948DF7588DC, 0245D35CA48451D0743347338EE2E8E8AB6C6FD8ABE0B91E7FE2830714D30BE0 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
09:23:31.0883 0x6b560 FrameServer - ok
09:23:31.0889 0x6b560 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:23:31.0900 0x6b560 FsDepends - ok
09:23:31.0903 0x6b560 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:23:31.0915 0x6b560 Fs_Rec - ok
09:23:31.0928 0x6b560 [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:23:31.0952 0x6b560 fvevol - ok
09:23:31.0957 0x6b560 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:23:31.0968 0x6b560 gencounter - ok
09:23:31.0972 0x6b560 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
09:23:31.0984 0x6b560 genericusbfn - ok
09:23:31.0989 0x6b560 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:23:32.0001 0x6b560 GPIOClx0101 - ok
09:23:32.0027 0x6b560 [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:23:32.0085 0x6b560 gpsvc - ok
09:23:32.0089 0x6b560 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:23:32.0102 0x6b560 GpuEnergyDrv - ok
09:23:32.0107 0x6b560 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:23:32.0116 0x6b560 gupdate - ok
09:23:32.0121 0x6b560 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:23:32.0129 0x6b560 gupdatem - ok
09:23:32.0134 0x6b560 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:23:32.0147 0x6b560 HDAudBus - ok
09:23:32.0151 0x6b560 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:23:32.0159 0x6b560 HidBatt - ok
09:23:32.0164 0x6b560 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:23:32.0176 0x6b560 HidBth - ok
09:23:32.0180 0x6b560 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:23:32.0192 0x6b560 hidi2c - ok
09:23:32.0196 0x6b560 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:23:32.0207 0x6b560 hidinterrupt - ok
09:23:32.0210 0x6b560 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:23:32.0224 0x6b560 HidIr - ok
09:23:32.0228 0x6b560 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:23:32.0240 0x6b560 hidserv - ok
09:23:32.0243 0x6b560 [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
09:23:32.0251 0x6b560 HIDSwitch - ok
09:23:32.0255 0x6b560 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:23:32.0267 0x6b560 HidUsb - ok
09:23:32.0274 0x6b560 [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:23:32.0295 0x6b560 HomeGroupListener - ok
09:23:32.0306 0x6b560 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:23:32.0333 0x6b560 HomeGroupProvider - ok
09:23:32.0338 0x6b560 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:23:32.0347 0x6b560 HpSAMD - ok
09:23:32.0350 0x6b560 [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
09:23:32.0360 0x6b560 HPSupportSolutionsFrameworkService - ok
09:23:32.0379 0x6b560 [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:23:32.0412 0x6b560 HTTP - ok
09:23:32.0417 0x6b560 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
09:23:32.0429 0x6b560 HvHost - ok
09:23:32.0433 0x6b560 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
09:23:32.0442 0x6b560 hvservice - ok
09:23:32.0446 0x6b560 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:23:32.0456 0x6b560 hwpolicy - ok
09:23:32.0459 0x6b560 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:23:32.0473 0x6b560 hyperkbd - ok
09:23:32.0477 0x6b560 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:23:32.0492 0x6b560 i8042prt - ok
09:23:32.0495 0x6b560 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
09:23:32.0506 0x6b560 iagpio - ok
09:23:32.0511 0x6b560 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
09:23:32.0524 0x6b560 iai2c - ok
09:23:32.0528 0x6b560 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
09:23:32.0543 0x6b560 iaLPSS2i_GPIO2 - ok
09:23:32.0550 0x6b560 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:23:32.0561 0x6b560 iaLPSS2i_I2C - ok
09:23:32.0566 0x6b560 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:23:32.0574 0x6b560 iaLPSSi_GPIO - ok
09:23:32.0581 0x6b560 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:23:32.0599 0x6b560 iaLPSSi_I2C - ok
09:23:32.0629 0x6b560 [ FC44D4507741936BBBF0F8FFD1C8EEA1, 87B34F2E865A89CD455AD055E5C78B2BA332BE9F81336CE9AB08F4DDF5C4C743 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
09:23:32.0669 0x6b560 iaStorA - ok
09:23:32.0686 0x6b560 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:23:32.0712 0x6b560 iaStorAV - ok
09:23:32.0724 0x6b560 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:23:32.0745 0x6b560 iaStorV - ok
09:23:32.0757 0x6b560 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
09:23:32.0777 0x6b560 ibbus - ok
09:23:32.0781 0x6b560 [ 231ADCE77616144B8E3D29707B282C82, D2429E0CAABE3E3A50D62DEC6C9F8D13AC8786EB57D9075489425E623EC84165 ] ICCWDT C:\WINDOWS\System32\drivers\ICCWDT.sys
09:23:32.0790 0x6b560 ICCWDT - ok
09:23:32.0797 0x6b560 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll
09:23:32.0814 0x6b560 icssvc - ok
09:23:32.0833 0x6b560 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:23:32.0872 0x6b560 IKEEXT - ok
09:23:32.0876 0x6b560 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
09:23:32.0890 0x6b560 IndirectKmd - ok
09:23:32.0988 0x6b560 [ 9FCA186B88991BFD1BBBBC53059DC615, 91A1A13F0D3B64CD1961B558C3C4E6108719CB59ABFB21EBA2C5091C34E01C82 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:23:33.0088 0x6b560 IntcAzAudAddService - ok
09:23:33.0098 0x6b560 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:23:33.0108 0x6b560 intelide - ok
09:23:33.0111 0x6b560 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:23:33.0124 0x6b560 intelpep - ok
09:23:33.0129 0x6b560 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:23:33.0144 0x6b560 intelppm - ok
09:23:33.0148 0x6b560 [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
09:23:33.0157 0x6b560 iorate - ok
09:23:33.0162 0x6b560 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:23:33.0174 0x6b560 IpFilterDriver - ok
09:23:33.0193 0x6b560 [ 89548E57FD0A7BC703541C69C0286B13, 261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:23:33.0239 0x6b560 iphlpsvc - ok
09:23:33.0244 0x6b560 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:23:33.0254 0x6b560 IPMIDRV - ok
09:23:33.0261 0x6b560 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:23:33.0276 0x6b560 IPNAT - ok
09:23:33.0290 0x6b560 [ EECB45F889E99174DA56FBDF37962D25, 12B407C45C9D0396FF3B5B118A863CBDEE0867034AE365F4CF5A8F66A4DB2003 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:23:33.0306 0x6b560 iPod Service - ok
09:23:33.0312 0x6b560 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys
09:23:33.0328 0x6b560 irda - ok
09:23:33.0332 0x6b560 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:23:33.0342 0x6b560 IRENUM - ok
09:23:33.0346 0x6b560 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll
09:23:33.0360 0x6b560 irmon - ok
09:23:33.0364 0x6b560 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:23:33.0372 0x6b560 isapnp - ok
09:23:33.0380 0x6b560 [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:23:33.0396 0x6b560 iScsiPrt - ok
09:23:33.0400 0x6b560 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:23:33.0409 0x6b560 kbdclass - ok
09:23:33.0414 0x6b560 [ 2D05785B0C58D90A34EA15032EADBBA9, 3E1238FF7F6ECA522761830FE7EA7587B704FCB3ECE8C6BF94CC17A640B678ED ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:23:33.0426 0x6b560 kbdhid - ok
09:23:33.0430 0x6b560 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
09:23:33.0445 0x6b560 kdnic - ok
09:23:33.0449 0x6b560 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] KeyIso C:\WINDOWS\system32\lsass.exe
09:23:33.0463 0x6b560 KeyIso - ok
09:23:33.0469 0x6b560 [ 9FA1B5D84F596F0664F0465F302044DC, 47B41D3D6119B5B20C83AF84D315C4AB40B5534D687736A8B67BD985A3B232C1 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:23:33.0480 0x6b560 KSecDD - ok
09:23:33.0486 0x6b560 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:23:33.0498 0x6b560 KSecPkg - ok
09:23:33.0501 0x6b560 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:23:33.0520 0x6b560 ksthunk - ok
09:23:33.0531 0x6b560 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:23:33.0559 0x6b560 KtmRm - ok
09:23:33.0564 0x6b560 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
09:23:33.0571 0x6b560 L1C - ok
09:23:33.0580 0x6b560 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:23:33.0603 0x6b560 LanmanServer - ok
09:23:33.0611 0x6b560 [ 752FE77F22592016A5EBBF399EC12E14, 231CF3E069FF64A4E8C81D0799A73924D864585B25382EFF8D1707F87747AC9E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:23:33.0632 0x6b560 LanmanWorkstation - ok
09:23:33.0638 0x6b560 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll
09:23:33.0649 0x6b560 lfsvc - ok
09:23:33.0653 0x6b560 [ F2E1302599E445F3E1A305123A92A8BC, 162D5C8045463931E8465544144F11567AA0F246AEAC3828A13284C283F01633 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
09:23:33.0666 0x6b560 LicenseManager - ok
09:23:33.0669 0x6b560 [ 2223D781B2D1E16219C250520CE39C9F, 1EF801C20E52E0687E42BDB3E8822A76720061986C14BFB7C4DB99E522DBF806 ] LiveTuner2PM C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys
09:23:33.0675 0x6b560 LiveTuner2PM - ok
09:23:33.0680 0x6b560 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
09:23:33.0691 0x6b560 lltdio - ok
09:23:33.0699 0x6b560 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:23:33.0724 0x6b560 lltdsvc - ok
09:23:33.0729 0x6b560 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:23:33.0742 0x6b560 lmhosts - ok
09:23:33.0748 0x6b560 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:23:33.0759 0x6b560 LSI_SAS - ok
09:23:33.0764 0x6b560 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
09:23:33.0775 0x6b560 LSI_SAS2i - ok
09:23:33.0780 0x6b560 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
09:23:33.0791 0x6b560 LSI_SAS3i - ok
09:23:33.0796 0x6b560 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:23:33.0806 0x6b560 LSI_SSS - ok
09:23:33.0820 0x6b560 [ 5570D03E2048AC7961BEF6FFEE3A2CA5, FD0232312D87015FA0B8062FA175A44410F8C1C9778145CCDD57BA1C23929C87 ] LSM C:\WINDOWS\System32\lsm.dll
09:23:33.0849 0x6b560 LSM - ok
09:23:33.0855 0x6b560 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:23:33.0873 0x6b560 luafv - ok
09:23:34.0009 0x6b560 [ 3B08ABBD49CFA32A914F9A45A98CF8DC, 3AE9BC6441C9409A984AFFA36152F31A3608313D5F708106DEA7EEBB5B924679 ] m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe
09:23:34.0185 0x6b560 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E - ok
09:23:34.0198 0x6b560 [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
09:23:34.0206 0x6b560 ManyCam - ok
09:23:34.0218 0x6b560 [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe
09:23:34.0241 0x6b560 ManyCam Service - ok
09:23:34.0245 0x6b560 [ 6D4111E1852A9F0BFC07BB69F3141841, 9BFF4517F26F1E9DF4DA6633B542EAA20A698B9397D2ED73134E7AEF306FBB15 ] MapsBroker C:\WINDOWS\System32\moshost.dll
09:23:34.0258 0x6b560 MapsBroker - ok
09:23:34.0261 0x6b560 MBAMSwissArmy - ok
09:23:34.0266 0x6b560 [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
09:23:34.0271 0x6b560 mcaudrv_simple - ok
09:23:34.0275 0x6b560 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:23:34.0284 0x6b560 megasas - ok
09:23:34.0296 0x6b560 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:23:34.0316 0x6b560 megasr - ok
09:23:34.0323 0x6b560 [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
09:23:34.0337 0x6b560 MEIx64 - ok
09:23:34.0342 0x6b560 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
09:23:34.0355 0x6b560 MessagingService - ok
09:23:34.0372 0x6b560 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
09:23:34.0399 0x6b560 mlx4_bus - ok
09:23:34.0404 0x6b560 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
09:23:34.0415 0x6b560 MMCSS - ok
09:23:34.0493 0x6b560 [ DA4AFC1A1C967028A58D1F5528B3E50D, 3B688ED26031520CFDE619B17E431112A3B2D7034A5E990A20A9E22356223695 ] mmsminisrv C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
09:23:34.0588 0x6b560 mmsminisrv - ok
09:23:34.0718 0x6b560 [ 759CF9A706BD7E68E4FD0D387535DC5C, A9B5065E33A074C8780CEB1AA5B20F8FC9A2443D38709869995D2F8EBF8549E1 ] mobile_backup_server C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
09:23:34.0874 0x6b560 mobile_backup_server - ok
09:23:34.0911 0x6b560 [ 34579C215DABFDEA96A8C1812D933CDE, CFCE4EED8ED6F4A37346E139986EFB99AF11408256E0BC65C09678A0CD73F021 ] mobile_backup_status_server C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
09:23:34.0944 0x6b560 mobile_backup_status_server - ok
09:23:34.0949 0x6b560 [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:23:34.0962 0x6b560 Modem - ok
09:23:34.0965 0x6b560 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:23:34.0975 0x6b560 monitor - ok
09:23:34.0980 0x6b560 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:23:34.0989 0x6b560 mouclass - ok
09:23:34.0993 0x6b560 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:23:35.0004 0x6b560 mouhid - ok
09:23:35.0009 0x6b560 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:23:35.0019 0x6b560 mountmgr - ok
09:23:35.0024 0x6b560 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:23:35.0032 0x6b560 MozillaMaintenance - ok
09:23:35.0037 0x6b560 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:23:35.0052 0x6b560 mpsdrv - ok
09:23:35.0068 0x6b560 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:23:35.0106 0x6b560 MpsSvc - ok
09:23:35.0114 0x6b560 [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:23:35.0133 0x6b560 MRxDAV - ok
09:23:35.0145 0x6b560 [ 4D5F17C23D25B5BDF7EB35A54F483C9B, 1A0AFB4151F8D5CB164A53A7851C618F3E4C1A4FF411BC8B0B6402124C311E03 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:23:35.0164 0x6b560 mrxsmb - ok
09:23:35.0172 0x6b560 [ 8F58AEAE00B39AC9AD93755E777B19D8, 335E4D9E9E81609BEAFA08376EE29C35DA6A1839FAFC37399B9066F03BFFFBC1 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:23:35.0191 0x6b560 mrxsmb10 - ok
09:23:35.0198 0x6b560 [ FC501F50E6214AF38D4B22220537187A, DACF1A76F98DDCB7F385BBDE2B522A23C32C9838B9CA5CECC9550BD9443DAEED ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:23:35.0213 0x6b560 mrxsmb20 - ok
09:23:35.0218 0x6b560 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
09:23:35.0232 0x6b560 MsBridge - ok
09:23:35.0238 0x6b560 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:23:35.0262 0x6b560 MSDTC - ok
09:23:35.0269 0x6b560 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:23:35.0288 0x6b560 Msfs - ok
09:23:35.0292 0x6b560 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:23:35.0305 0x6b560 msgpiowin32 - ok
09:23:35.0308 0x6b560 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:23:35.0320 0x6b560 mshidkmdf - ok
09:23:35.0324 0x6b560 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:23:35.0335 0x6b560 mshidumdf - ok
09:23:35.0339 0x6b560 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:23:35.0348 0x6b560 msisadrv - ok
09:23:35.0354 0x6b560 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:23:35.0376 0x6b560 MSiSCSI - ok
|
|
03.09.2016, 08:39
| #5 |
| | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Log File TSKiller 2. Teil Code:
ATTFilter 09:23:35.0379 0x6b560 msiserver - ok
09:23:35.0383 0x6b560 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
09:23:35.0400 0x6b560 MSKSSRV - ok
09:23:35.0405 0x6b560 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
09:23:35.0418 0x6b560 MsLldp - ok
09:23:35.0422 0x6b560 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
09:23:35.0438 0x6b560 MSPCLOCK - ok
09:23:35.0441 0x6b560 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
09:23:35.0461 0x6b560 MSPQM - ok
09:23:35.0470 0x6b560 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:23:35.0497 0x6b560 MsRPC - ok
09:23:35.0506 0x6b560 [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
09:23:35.0519 0x6b560 MsSecFlt - ok
09:23:35.0523 0x6b560 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:23:35.0534 0x6b560 mssmbios - ok
09:23:35.0538 0x6b560 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
09:23:35.0558 0x6b560 MSTEE - ok
09:23:35.0562 0x6b560 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:23:35.0578 0x6b560 MTConfig - ok
09:23:35.0585 0x6b560 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:23:35.0598 0x6b560 Mup - ok
09:23:35.0603 0x6b560 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:23:35.0614 0x6b560 mvumis - ok
09:23:35.0630 0x6b560 [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:23:35.0663 0x6b560 NativeWifiP - ok
09:23:35.0682 0x6b560 [ 4DF6F43F761A600208F90A55D05F9B7E, AC93B4497FB428F7EC42DCF5956A2A61B951394E555BF6C89E55943E0B681586 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
09:23:35.0707 0x6b560 NAUpdate - ok
09:23:35.0715 0x6b560 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:23:35.0735 0x6b560 NcaSvc - ok
09:23:35.0744 0x6b560 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:23:35.0764 0x6b560 NcbService - ok
09:23:35.0769 0x6b560 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:23:35.0790 0x6b560 NcdAutoSetup - ok
09:23:35.0794 0x6b560 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
09:23:35.0804 0x6b560 ndfltr - ok
09:23:35.0827 0x6b560 [ 36DD2C614720EC2970CB5E870BA69D8D, 692BDA4201119E0561E17E7E1A72320DBECDE3F8E4E65FBEA1B2C1128E16508B ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:23:35.0860 0x6b560 NDIS - ok
09:23:35.0866 0x6b560 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
09:23:35.0878 0x6b560 NdisCap - ok
09:23:35.0884 0x6b560 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:23:35.0904 0x6b560 NdisImPlatform - ok
09:23:35.0908 0x6b560 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:23:35.0924 0x6b560 NdisTapi - ok
09:23:35.0929 0x6b560 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
09:23:35.0941 0x6b560 Ndisuio - ok
09:23:35.0946 0x6b560 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:23:35.0961 0x6b560 NdisVirtualBus - ok
09:23:35.0967 0x6b560 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
09:23:35.0993 0x6b560 NdisWan - ok
09:23:36.0006 0x6b560 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:23:36.0036 0x6b560 ndiswanlegacy - ok
09:23:36.0040 0x6b560 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:23:36.0061 0x6b560 ndproxy - ok
09:23:36.0067 0x6b560 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
09:23:36.0087 0x6b560 Ndu - ok
09:23:36.0091 0x6b560 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\WINDOWS\System32\drivers\netaapl64.sys
09:23:36.0103 0x6b560 Netaapl - ok
09:23:36.0108 0x6b560 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
09:23:36.0121 0x6b560 NetAdapterCx - ok
09:23:36.0125 0x6b560 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
09:23:36.0137 0x6b560 NetBIOS - ok
09:23:36.0145 0x6b560 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:23:36.0162 0x6b560 NetBT - ok
09:23:36.0166 0x6b560 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:23:36.0176 0x6b560 Netlogon - ok
09:23:36.0183 0x6b560 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll
09:23:36.0205 0x6b560 Netman - ok
09:23:36.0219 0x6b560 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
09:23:36.0245 0x6b560 netprofm - ok
09:23:36.0253 0x6b560 [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
09:23:36.0273 0x6b560 NetSetupSvc - ok
09:23:36.0279 0x6b560 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:23:36.0295 0x6b560 NetTcpPortSharing - ok
09:23:36.0306 0x6b560 [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
09:23:36.0327 0x6b560 NgcCtnrSvc - ok
09:23:36.0350 0x6b560 [ 2EC2F2E4C88BA9B72D1F6B92234BCD53, 4DC98EBE5A3B34ED654017F076F457970D3FBF749DC54A6533DAABDE85A7C4FE ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
09:23:36.0394 0x6b560 NgcSvc - ok
09:23:36.0404 0x6b560 [ 0B5083278F195C26FE9E0140AEAEDCBE, B4D505963D5EBA14EC80E6D0BB8B862D96D1D1C3A57F4744AEBA3FF4BFB1997A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
09:23:36.0433 0x6b560 NlaSvc - ok
09:23:36.0436 0x6b560 NPF - ok
09:23:36.0441 0x6b560 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:23:36.0457 0x6b560 Npfs - ok
09:23:36.0461 0x6b560 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
09:23:36.0471 0x6b560 npsvctrig - ok
09:23:36.0475 0x6b560 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll
09:23:36.0486 0x6b560 nsi - ok
09:23:36.0490 0x6b560 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
09:23:36.0501 0x6b560 nsiproxy - ok
09:23:36.0546 0x6b560 [ D1AF837A1555990602A51A3ED238EC80, 37F25AAC4431C665F014FF7EB2FBB395621581200CB5029D4C3F5040E9181F52 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
09:23:36.0606 0x6b560 NTFS - ok
09:23:36.0612 0x6b560 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:23:36.0624 0x6b560 Null - ok
09:23:36.0630 0x6b560 [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
09:23:36.0640 0x6b560 NVHDA - ok
09:23:36.0866 0x6b560 [ 113505A56DAE1354960B7FF9E30E9AEA, 8A172BA5A06BA4949847A8F349128609AB324B3582707BECB9E786222BFE58D3 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
09:23:37.0127 0x6b560 nvlddmkm - ok
09:23:37.0145 0x6b560 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
09:23:37.0156 0x6b560 nvraid - ok
09:23:37.0163 0x6b560 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
09:23:37.0178 0x6b560 nvstor - ok
09:23:37.0188 0x6b560 [ 4398DCC9BA21E1BE911A13BD18C63481, 251DF1EF6101AC071100665686811915C3B306055C3901BDA96F99612FD001B2 ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
09:23:37.0201 0x6b560 NvStUSB - ok
09:23:37.0227 0x6b560 [ 334AD0B00C21E84B4CE3E20682D308BF, D17BC6D1B26AA10A1A4622AB36E3CDCBF35A9B9CA07CEC6FF865951FB45C9D03 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
09:23:37.0257 0x6b560 nvsvc - ok
09:23:37.0269 0x6b560 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
09:23:37.0292 0x6b560 OneSyncSvc - ok
09:23:37.0301 0x6b560 [ E133C2D85CFF4EDD7FE8E8F0F8BE6CDB, 6C5E7D9C81A409E67C143CD3AED33BDDC3967FA4C9AB3B98560B7D3BF57D093D ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:23:37.0314 0x6b560 ose - ok
09:23:37.0325 0x6b560 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
09:23:37.0346 0x6b560 p2pimsvc - ok
09:23:37.0356 0x6b560 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll
09:23:37.0378 0x6b560 p2psvc - ok
09:23:37.0383 0x6b560 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys
09:23:37.0399 0x6b560 Parport - ok
09:23:37.0404 0x6b560 [ 64E0AA114871B2A37908E44A18F35A73, 2FB434EE48894C9B538349918B9B96FE9C6A76ADAC325EB9DA6E84D0B104D457 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
09:23:37.0417 0x6b560 partmgr - ok
09:23:37.0429 0x6b560 [ CE515B2C6E2EA50053A8862398646B38, C85D370E5250AFCF44796CE274B5A100C6829DC28BF1D4C6991EF61DE46FD10A ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
09:23:37.0449 0x6b560 PcaSvc - ok
09:23:37.0460 0x6b560 [ 55E45E0A89429AE9C62D728B9C4891C0, 729922C3488866C8D67F00E82C082F2E8E6F05180F4767AD30FC7E1FFE4946C5 ] pci C:\WINDOWS\system32\drivers\pci.sys
09:23:37.0479 0x6b560 pci - ok
09:23:37.0483 0x6b560 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys
09:23:37.0491 0x6b560 pciide - ok
09:23:37.0497 0x6b560 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
09:23:37.0508 0x6b560 pcmcia - ok
09:23:37.0513 0x6b560 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
09:23:37.0522 0x6b560 pcw - ok
09:23:37.0527 0x6b560 [ 2CCD68D8A6BBFF2DE0EC54F086C5F3BC, D3D5A56F0C1BEBA9A05CE82F4BBD011E40A15358C00A668F9614F7E002A65A08 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
09:23:37.0537 0x6b560 pdc - ok
09:23:37.0552 0x6b560 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
09:23:37.0584 0x6b560 PEAUTH - ok
09:23:37.0618 0x6b560 [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
09:23:37.0698 0x6b560 PeerDistSvc - ok
09:23:37.0705 0x6b560 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
09:23:37.0716 0x6b560 percsas2i - ok
09:23:37.0720 0x6b560 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
09:23:37.0729 0x6b560 percsas3i - ok
09:23:37.0741 0x6b560 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
09:23:37.0756 0x6b560 PerfHost - ok
09:23:37.0777 0x6b560 [ CFA4868B2932396D47BCC8E7350907C1, C757910212982F54CF9B2CFFCB632D58E3A07E468A2DA42CDF97BFB6A05823DE ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
09:23:37.0833 0x6b560 PhoneSvc - ok
09:23:37.0840 0x6b560 [ 06A31E2C90347128A1A25290568E152C, 7F0BC96C116A5C6B9796233CA975B1F6A73D554A533191F38295D60221E503C4 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:23:37.0859 0x6b560 PimIndexMaintenanceSvc - ok
09:23:37.0886 0x6b560 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll
09:23:37.0941 0x6b560 pla - ok
09:23:37.0947 0x6b560 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
09:23:37.0970 0x6b560 PlugPlay - ok
09:23:37.0974 0x6b560 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
09:23:37.0986 0x6b560 PNRPAutoReg - ok
09:23:37.0995 0x6b560 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
09:23:38.0016 0x6b560 PNRPsvc - ok
09:23:38.0026 0x6b560 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
09:23:38.0055 0x6b560 PolicyAgent - ok
09:23:38.0062 0x6b560 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll
09:23:38.0080 0x6b560 Power - ok
09:23:38.0085 0x6b560 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
09:23:38.0104 0x6b560 PptpMiniport - ok
09:23:38.0162 0x6b560 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:23:38.0292 0x6b560 PrintNotify - ok
09:23:38.0298 0x6b560 [ 8AF0B69E2C3BC7996BE98D7C7DD0BA2C, 40C96109783DFB01CE2BA966AA29DE44326342823D83669A5632B7CE1565915B ] prl_virtual_hid C:\WINDOWS\System32\drivers\prl_virtual_hid.sys
09:23:38.0305 0x6b560 prl_virtual_hid - ok
09:23:38.0311 0x6b560 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys
09:23:38.0324 0x6b560 Processor - ok
09:23:38.0334 0x6b560 [ B2DC3BA675F95343D55EC989FE303561, C53FCA036358B0B11BBE5348074FA24831CF67C9FEE31A3DC9CF88B6178CFBC8 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
09:23:38.0357 0x6b560 ProfSvc - ok
09:23:38.0364 0x6b560 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
09:23:38.0379 0x6b560 Psched - ok
09:23:38.0383 0x6b560 [ D8EB393983B644879DE0546122CC16DF, 4A11DDFB016B560E770660183AF1ADA4831D97DAEAF560E60259F81F2727CBFC ] ptun0901 C:\WINDOWS\System32\drivers\ptun0901.sys
09:23:38.0394 0x6b560 ptun0901 - ok
09:23:38.0401 0x6b560 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll
09:23:38.0419 0x6b560 QWAVE - ok
09:23:38.0423 0x6b560 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
09:23:38.0435 0x6b560 QWAVEdrv - ok
09:23:38.0438 0x6b560 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:23:38.0450 0x6b560 RasAcd - ok
09:23:38.0455 0x6b560 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
09:23:38.0473 0x6b560 RasAgileVpn - ok
09:23:38.0478 0x6b560 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:23:38.0492 0x6b560 RasAuto - ok
09:23:38.0496 0x6b560 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
09:23:38.0517 0x6b560 Rasl2tp - ok
09:23:38.0532 0x6b560 [ DF0702D6A190452E1BFA52F36E58640A, 37B7B8220CDE965F1232D883CEEEDDDB309ABA0ACBE38486E69B9052D39187C4 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:23:38.0579 0x6b560 RasMan - ok
09:23:38.0585 0x6b560 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:23:38.0602 0x6b560 RasPppoe - ok
09:23:38.0606 0x6b560 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
09:23:38.0626 0x6b560 RasSstp - ok
09:23:38.0638 0x6b560 [ 392CD98739F4A8F188A3CB34F6AB193E, C36D1CD8EEB57DB37A0A079DFC87120F948A8E3EE09973CCF5D613566B17EA10 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:23:38.0658 0x6b560 rdbss - ok
09:23:38.0664 0x6b560 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
09:23:38.0678 0x6b560 rdpbus - ok
09:23:38.0684 0x6b560 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
09:23:38.0703 0x6b560 RDPDR - ok
09:23:38.0710 0x6b560 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:23:38.0720 0x6b560 RdpVideoMiniport - ok
09:23:38.0729 0x6b560 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
09:23:38.0745 0x6b560 rdyboost - ok
09:23:38.0765 0x6b560 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
09:23:38.0802 0x6b560 ReFSv1 - ok
09:23:38.0818 0x6b560 [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:23:38.0843 0x6b560 RemoteAccess - ok
09:23:38.0849 0x6b560 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:23:38.0869 0x6b560 RemoteRegistry - ok
09:23:38.0882 0x6b560 [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
09:23:38.0914 0x6b560 RetailDemo - ok
09:23:38.0921 0x6b560 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
09:23:38.0941 0x6b560 RFCOMM - ok
09:23:38.0947 0x6b560 [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc C:\WINDOWS\System32\RMapi.dll
09:23:38.0968 0x6b560 RmSvc - ok
09:23:38.0972 0x6b560 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
09:23:38.0986 0x6b560 RpcEptMapper - ok
09:23:38.0989 0x6b560 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe
09:23:39.0002 0x6b560 RpcLocator - ok
09:23:39.0019 0x6b560 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:23:39.0055 0x6b560 RpcSs - ok
09:23:39.0059 0x6b560 [ 2968DDD31BD48AA959FEEDF1AFDF8504, 47CFB7EB43234F4B3227DE9B38126BA584A2080BA504DA859683049C599D505C ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys
09:23:39.0066 0x6b560 RrNetCapFilterDriver - ok
09:23:39.0071 0x6b560 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
09:23:39.0084 0x6b560 rspndr - ok
09:23:39.0087 0x6b560 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
09:23:39.0098 0x6b560 s3cap - ok
09:23:39.0102 0x6b560 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs C:\WINDOWS\system32\lsass.exe
09:23:39.0113 0x6b560 SamSs - ok
09:23:39.0127 0x6b560 [ E5F023E323CB9A7903ABF35C80E7F38B, 3E465E715FF0F27C2A1B4F221B16C8E5347FFB993F56AA2EAAC02A49297253C3 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
09:23:39.0145 0x6b560 Samsung Link Service - ok
09:23:39.0151 0x6b560 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
09:23:39.0163 0x6b560 sbp2port - ok
09:23:39.0172 0x6b560 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
09:23:39.0194 0x6b560 SCardSvr - ok
09:23:39.0201 0x6b560 [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
09:23:39.0221 0x6b560 ScDeviceEnum - ok
09:23:39.0226 0x6b560 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:23:39.0240 0x6b560 scfilter - ok
09:23:39.0258 0x6b560 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:23:39.0302 0x6b560 Schedule - ok
09:23:39.0307 0x6b560 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
09:23:39.0319 0x6b560 scmbus - ok
09:23:39.0324 0x6b560 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys
09:23:39.0339 0x6b560 scmdisk0101 - ok
09:23:39.0347 0x6b560 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
09:23:39.0367 0x6b560 SCPolicySvc - ok
09:23:39.0374 0x6b560 [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
09:23:39.0391 0x6b560 sdbus - ok
09:23:39.0398 0x6b560 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
09:23:39.0413 0x6b560 SDRSVC - ok
09:23:39.0418 0x6b560 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
09:23:39.0428 0x6b560 sdstor - ok
09:23:39.0432 0x6b560 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll
09:23:39.0444 0x6b560 seclogon - ok
09:23:39.0449 0x6b560 [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS C:\WINDOWS\System32\sens.dll
09:23:39.0467 0x6b560 SENS - ok
09:23:39.0471 0x6b560 Sense - ok
09:23:39.0497 0x6b560 [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:23:39.0553 0x6b560 SensorDataService - ok
09:23:39.0565 0x6b560 [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService C:\WINDOWS\system32\SensorService.dll
09:23:39.0589 0x6b560 SensorService - ok
09:23:39.0595 0x6b560 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
09:23:39.0611 0x6b560 SensrSvc - ok
09:23:39.0615 0x6b560 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
09:23:39.0624 0x6b560 SerCx - ok
09:23:39.0630 0x6b560 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
09:23:39.0642 0x6b560 SerCx2 - ok
09:23:39.0646 0x6b560 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
09:23:39.0656 0x6b560 Serenum - ok
09:23:39.0661 0x6b560 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys
09:23:39.0675 0x6b560 Serial - ok
09:23:39.0678 0x6b560 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
09:23:39.0689 0x6b560 sermouse - ok
09:23:39.0703 0x6b560 [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
09:23:39.0729 0x6b560 SessionEnv - ok
09:23:39.0732 0x6b560 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
09:23:39.0742 0x6b560 sfloppy - ok
09:23:39.0756 0x6b560 [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:23:39.0790 0x6b560 SharedAccess - ok
09:23:39.0804 0x6b560 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:23:39.0841 0x6b560 ShellHWDetection - ok
09:23:39.0848 0x6b560 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
09:23:39.0864 0x6b560 shpamsvc - ok
09:23:39.0868 0x6b560 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:23:39.0877 0x6b560 SiSRaid2 - ok
09:23:39.0881 0x6b560 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
09:23:39.0891 0x6b560 SiSRaid4 - ok
09:23:39.0900 0x6b560 [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:23:39.0914 0x6b560 SkypeUpdate - ok
09:23:39.0918 0x6b560 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll
09:23:39.0929 0x6b560 smphost - ok
09:23:39.0943 0x6b560 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
09:23:39.0974 0x6b560 SmsRouter - ok
09:23:39.0987 0x6b560 [ 47BBEA2DB493F8E0F3179FE47DA9801B, 29A891540B6E447A09CC52DD6D9A9512644D1D3029C2931121B9F485C8F42BF8 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
09:23:39.0999 0x6b560 snapman - ok
09:23:40.0003 0x6b560 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
09:23:40.0017 0x6b560 SNMPTRAP - ok
09:23:40.0028 0x6b560 [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
09:23:40.0050 0x6b560 spaceport - ok
09:23:40.0056 0x6b560 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
09:23:40.0066 0x6b560 SpbCx - ok
09:23:40.0070 0x6b560 [ 85E915D043427BA7BCED955716A22ECD, 294A78F2F0DB60B2496D60D1692F3ADD5AFE0B103844BEEAFA6FBEE57EEA2B16 ] SpeedupService C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
09:23:40.0078 0x6b560 SpeedupService - ok
09:23:40.0096 0x6b560 [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
09:23:40.0138 0x6b560 Spooler - ok
09:23:40.0234 0x6b560 [ DB386D52ABDCF0577B6921D02EEDC8B3, 523247781F230B7273248C2AB8262E63BBE55EFD2DE0DF9A40F5FA0DA7DD2AE6 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
09:23:40.0374 0x6b560 sppsvc - ok
09:23:40.0391 0x6b560 [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:23:40.0414 0x6b560 srv - ok
09:23:40.0428 0x6b560 [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
09:23:40.0460 0x6b560 srv2 - ok
09:23:40.0468 0x6b560 [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:23:40.0486 0x6b560 srvnet - ok
09:23:40.0494 0x6b560 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:23:40.0514 0x6b560 SSDPSRV - ok
09:23:40.0521 0x6b560 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
09:23:40.0541 0x6b560 SstpSvc - ok
09:23:40.0612 0x6b560 [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:23:40.0753 0x6b560 StateRepository - ok
09:23:40.0761 0x6b560 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
09:23:40.0771 0x6b560 stexstor - ok
09:23:40.0775 0x6b560 [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
09:23:40.0786 0x6b560 StillCam - ok
09:23:40.0801 0x6b560 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll
09:23:40.0837 0x6b560 stisvc - ok
09:23:40.0843 0x6b560 [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
09:23:40.0853 0x6b560 storahci - ok
09:23:40.0857 0x6b560 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
09:23:40.0867 0x6b560 storflt - ok
09:23:40.0871 0x6b560 [ B739FF1C1FAF9D0ADFBFB0FD59A5AB37, F128D872283AD1F91B56667DB885E7404D76B1CC72D6D71382C5DFA19AE433ED ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
09:23:40.0881 0x6b560 stornvme - ok
09:23:40.0886 0x6b560 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
09:23:40.0900 0x6b560 storqosflt - ok
09:23:40.0911 0x6b560 [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc C:\WINDOWS\system32\storsvc.dll
09:23:40.0938 0x6b560 StorSvc - ok
09:23:40.0942 0x6b560 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
09:23:40.0953 0x6b560 storufs - ok
09:23:40.0957 0x6b560 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
09:23:40.0966 0x6b560 storvsc - ok
09:23:40.0970 0x6b560 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll
09:23:40.0985 0x6b560 svsvc - ok
09:23:40.0989 0x6b560 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys
09:23:40.0997 0x6b560 swenum - ok
09:23:41.0008 0x6b560 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll
09:23:41.0039 0x6b560 swprv - ok
09:23:41.0199 0x6b560 [ B45170D4F669670FB31A11292AB8E314, E04C10D15D2FC0A4851DCCCC8AB93C64C89F8E2C73530083255854DA6D684229 ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
09:23:41.0397 0x6b560 syncagentsrv - ok
09:23:41.0415 0x6b560 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:23:41.0427 0x6b560 Synth3dVsc - ok
09:23:41.0446 0x6b560 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll
09:23:41.0497 0x6b560 SysMain - ok
09:23:41.0508 0x6b560 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:23:41.0532 0x6b560 SystemEventsBroker - ok
09:23:41.0539 0x6b560 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:23:41.0558 0x6b560 TabletInputService - ok
09:23:41.0562 0x6b560 [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
09:23:41.0573 0x6b560 tap0901 - ok
09:23:41.0578 0x6b560 [ E790E904BB06081F5A3DAFE87F20D06B, F09F574A134E87B9578B914ACD028AF49031CDC788989A073197774A49FFFD17 ] taphss6 C:\WINDOWS\System32\drivers\taphss6.sys
09:23:41.0586 0x6b560 taphss6 - ok
09:23:41.0596 0x6b560 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:23:41.0621 0x6b560 TapiSrv - ok
09:23:41.0626 0x6b560 [ E432A6F8725F29514144C0CB62CA5A96, 4476E0E26F9ED8E713F85B05B17A21291B8A7F2A91D7DAD17FAA3986CE3F4C22 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
09:23:41.0636 0x6b560 tbhsd - ok
09:23:41.0683 0x6b560 [ F84655A11FB61D4B0778525575775EA9, 0B7404963187E8CAAC1217C7BF0DAF787A04355CDF71091E1FE055FC46E21564 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
09:23:41.0749 0x6b560 Tcpip - ok
09:23:41.0795 0x6b560 [ F84655A11FB61D4B0778525575775EA9, 0B7404963187E8CAAC1217C7BF0DAF787A04355CDF71091E1FE055FC46E21564 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
09:23:41.0862 0x6b560 Tcpip6 - ok
09:23:41.0871 0x6b560 [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
09:23:41.0882 0x6b560 tcpipreg - ok
09:23:41.0890 0x6b560 [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
09:23:41.0901 0x6b560 tdx - ok
09:23:42.0029 0x6b560 [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:23:42.0175 0x6b560 TeamViewer - ok
09:23:42.0187 0x6b560 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
09:23:42.0197 0x6b560 terminpt - ok
09:23:42.0219 0x6b560 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll
09:23:42.0263 0x6b560 TermService - ok
09:23:42.0269 0x6b560 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll
09:23:42.0288 0x6b560 Themes - ok
09:23:42.0315 0x6b560 [ 782F44534AD9DD88B12B6A77E18CE1B7, 700405046AE11C7DD8A89E7C5A8F595C6A7810D5DF521123FF571D40E6D80612 ] tib C:\WINDOWS\system32\DRIVERS\tib.sys
09:23:42.0349 0x6b560 tib - ok
09:23:42.0356 0x6b560 [ A0BC8A10ECF59D52FDA727E7D4B3EC18, ACA640F33E8A889AD098A4308A7E7EBDDEC934EAC627B4AD635F77F9939AAC9A ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
09:23:42.0366 0x6b560 tib_mounter - ok
09:23:42.0374 0x6b560 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:23:42.0397 0x6b560 TieringEngineService - ok
09:23:42.0412 0x6b560 [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:23:42.0443 0x6b560 tiledatamodelsvc - ok
09:23:42.0451 0x6b560 [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
09:23:42.0470 0x6b560 TimeBrokerSvc - ok
09:23:42.0485 0x6b560 [ 14A19E7121FAFFB54251F5740B28AF16, 2EEDAEDE51CFA8EB5D7D2FBBC2B8B2E70D045AFD3F288221B756D9CF45185DC3 ] tnd C:\WINDOWS\system32\DRIVERS\tnd.sys
09:23:42.0503 0x6b560 tnd - ok
09:23:42.0509 0x6b560 [ 45FFA5ED5E7EBA76EBEBCE08B824EA50, A526DB82A04B4092D22A053466A8D67742521CF68E77539F2567B556D3473E34 ] TotRec8 C:\WINDOWS\system32\drivers\TotRec8.sys
09:23:42.0517 0x6b560 TotRec8 - ok
09:23:42.0524 0x6b560 [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
09:23:42.0538 0x6b560 TPM - ok
09:23:42.0544 0x6b560 [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll
09:23:42.0560 0x6b560 TrkWks - ok
09:23:42.0565 0x6b560 [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:23:42.0579 0x6b560 TrustedInstaller - ok
09:23:42.0585 0x6b560 [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:23:42.0598 0x6b560 tsusbflt - ok
09:23:42.0602 0x6b560 [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:23:42.0615 0x6b560 TsUsbGD - ok
09:23:42.0621 0x6b560 [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
09:23:42.0634 0x6b560 tsusbhub - ok
09:23:42.0642 0x6b560 [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
09:23:42.0657 0x6b560 tunnel - ok
09:23:42.0662 0x6b560 [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
09:23:42.0678 0x6b560 tzautoupdate - ok
09:23:42.0683 0x6b560 [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
09:23:42.0693 0x6b560 UASPStor - ok
09:23:42.0698 0x6b560 [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
09:23:42.0714 0x6b560 UcmCx0101 - ok
09:23:42.0720 0x6b560 [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
09:23:42.0734 0x6b560 UcmTcpciCx0101 - ok
09:23:42.0738 0x6b560 [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:23:42.0751 0x6b560 UcmUcsi - ok
09:23:42.0757 0x6b560 [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
09:23:42.0771 0x6b560 Ucx01000 - ok
09:23:42.0775 0x6b560 [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
09:23:42.0786 0x6b560 UdeCx - ok
09:23:42.0795 0x6b560 [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
09:23:42.0818 0x6b560 udfs - ok
09:23:42.0823 0x6b560 [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
09:23:42.0834 0x6b560 UEFI - ok
09:23:42.0838 0x6b560 [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
09:23:42.0849 0x6b560 UevAgentDriver - ok
09:23:42.0872 0x6b560 [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
09:23:42.0924 0x6b560 UevAgentService - ok
09:23:42.0933 0x6b560 [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
09:23:42.0948 0x6b560 Ufx01000 - ok
09:23:42.0954 0x6b560 [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:23:42.0966 0x6b560 UfxChipidea - ok
09:23:42.0971 0x6b560 [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:23:42.0985 0x6b560 ufxsynopsys - ok
09:23:42.0994 0x6b560 [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
09:23:43.0009 0x6b560 UI0Detect - ok
09:23:43.0014 0x6b560 [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys
09:23:43.0025 0x6b560 umbus - ok
09:23:43.0029 0x6b560 [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
09:23:43.0040 0x6b560 UmPass - ok
09:23:43.0049 0x6b560 [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
09:23:43.0071 0x6b560 UmRdpService - ok
09:23:43.0094 0x6b560 [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
09:23:43.0146 0x6b560 UnistoreSvc - ok
09:23:43.0161 0x6b560 [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:23:43.0194 0x6b560 upnphost - ok
09:23:43.0198 0x6b560 [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
09:23:43.0209 0x6b560 UrsChipidea - ok
09:23:43.0213 0x6b560 [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
09:23:43.0221 0x6b560 UrsCx01000 - ok
09:23:43.0226 0x6b560 [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
09:23:43.0235 0x6b560 UrsSynopsys - ok
09:23:43.0240 0x6b560 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
09:23:43.0256 0x6b560 USBAAPL64 - ok
09:23:43.0262 0x6b560 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
09:23:43.0275 0x6b560 usbccgp - ok
09:23:43.0281 0x6b560 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
09:23:43.0296 0x6b560 usbcir - ok
09:23:43.0303 0x6b560 [ 5F446E44B402B5FD12056EA57F929E42, 1EFE583AFBFD36E1CCD8F933A0476661BD213FA18FD4352066CA2F28C1D63C7E ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
09:23:43.0315 0x6b560 UsbClientService - ok
09:23:43.0320 0x6b560 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
09:23:43.0332 0x6b560 usbehci - ok
09:23:43.0344 0x6b560 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
09:23:43.0364 0x6b560 usbhub - ok
09:23:43.0377 0x6b560 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
09:23:43.0398 0x6b560 USBHUB3 - ok
09:23:43.0403 0x6b560 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
09:23:43.0414 0x6b560 usbohci - ok
09:23:43.0418 0x6b560 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
09:23:43.0431 0x6b560 usbprint - ok
09:23:43.0436 0x6b560 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
09:23:43.0448 0x6b560 usbser - ok
09:23:43.0462 0x6b560 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:23:43.0476 0x6b560 USBSTOR - ok
09:23:43.0480 0x6b560 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
09:23:43.0493 0x6b560 usbuhci - ok
09:23:43.0501 0x6b560 [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
09:23:43.0518 0x6b560 usbvideo - ok
09:23:43.0527 0x6b560 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:23:43.0544 0x6b560 USBXHCI - ok
09:23:43.0573 0x6b560 [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
09:23:43.0634 0x6b560 UserDataSvc - ok
09:23:43.0658 0x6b560 [ 8F6DAAFDDDA27D83ACC8C7FF1536CAF6, 5E1B67A5B388CBB3B193C238546BAD4DC5F5DF54859E16607A60681E6D38FA73 ] UserManager C:\WINDOWS\System32\usermgr.dll
09:23:43.0708 0x6b560 UserManager - ok
09:23:43.0722 0x6b560 [ C7CC4F8EA7FC1DE4221103B39360ABA0, 00B12186D731C3869022DCE763B243123D4E0B9BD0EA52AD9C95F9416F13FFD1 ] UsoSvc C:\WINDOWS\system32\usocore.dll
09:23:43.0763 0x6b560 UsoSvc - ok
09:23:43.0769 0x6b560 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] VaultSvc C:\WINDOWS\system32\lsass.exe
09:23:43.0779 0x6b560 VaultSvc - ok
09:23:43.0798 0x6b560 [ E0BDAB45FEB6A1931A67252CB1396198, BAB0834B9D4BFC48E64F04826D11786780F00CA5A3EA9B753B10A0373299EDE9 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
09:23:43.0823 0x6b560 VBoxDrv - ok
09:23:43.0830 0x6b560 [ F429FED78CC80F85BD55CDA8403FD681, 581579E2616D4F69B068BC37C63DD0EC87AE28F1D011B9564EB7756A1FD22A9F ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
09:23:43.0839 0x6b560 VBoxNetAdp - ok
09:23:43.0845 0x6b560 [ 9A0B657A56AFC4F7E9C00E130A45FC08, C7BA38E3EA8CC9B3417791F462A5287ECE07F297A4FAB79FA411C50AF70AF234 ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
09:23:43.0854 0x6b560 VBoxNetLwf - ok
09:23:43.0861 0x6b560 [ A6E84BD62BE092FD417B37C1743026D6, F1DA6AC17B6EA296D64B1D7FF128A6905DC4A4E2EB176F38087A784BB4289ED3 ] VBoxUSB C:\WINDOWS\System32\Drivers\VBoxUSB.sys
09:23:43.0870 0x6b560 VBoxUSB - ok
09:23:43.0876 0x6b560 [ 992352A818AA2E67E3724C056C7385D7, 0A0B4CFCC7AA5AE19B3864E5EC3FE4C1CA7D371BFE5E48047D2893576A601FD9 ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
09:23:43.0886 0x6b560 VBoxUSBMon - ok
09:23:43.0891 0x6b560 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
09:23:43.0901 0x6b560 vdrvroot - ok
09:23:43.0916 0x6b560 [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds C:\WINDOWS\System32\vds.exe
09:23:43.0949 0x6b560 vds - ok
09:23:43.0958 0x6b560 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
09:23:43.0971 0x6b560 VerifierExt - ok
09:23:43.0986 0x6b560 [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
09:23:44.0012 0x6b560 vhdmp - ok
09:23:44.0017 0x6b560 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
09:23:44.0030 0x6b560 vhf - ok
09:23:44.0040 0x6b560 [ 3F82D17D3D418CF298110A19F007F7A6, DA9646BBF2A94CB7330E46D9AF123E269CA03D2C733F58F95A3C648829EF3E8B ] virtual_file C:\WINDOWS\system32\DRIVERS\virtual_file.sys
09:23:44.0052 0x6b560 virtual_file - ok
09:23:44.0057 0x6b560 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
09:23:44.0068 0x6b560 vmbus - ok
09:23:44.0072 0x6b560 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
09:23:44.0083 0x6b560 VMBusHID - ok
09:23:44.0088 0x6b560 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
09:23:44.0098 0x6b560 vmgid - ok
09:23:44.0107 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
09:23:44.0126 0x6b560 vmicguestinterface - ok
09:23:44.0134 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
09:23:44.0155 0x6b560 vmicheartbeat - ok
09:23:44.0162 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
09:23:44.0181 0x6b560 vmickvpexchange - ok
09:23:44.0191 0x6b560 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
09:23:44.0213 0x6b560 vmicrdv - ok
09:23:44.0222 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
09:23:44.0240 0x6b560 vmicshutdown - ok
09:23:44.0247 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
09:23:44.0266 0x6b560 vmictimesync - ok
09:23:44.0275 0x6b560 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
09:23:44.0295 0x6b560 vmicvmsession - ok
09:23:44.0304 0x6b560 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
09:23:44.0327 0x6b560 vmicvss - ok
09:23:44.0332 0x6b560 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:23:44.0344 0x6b560 volmgr - ok
09:23:44.0355 0x6b560 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:23:44.0370 0x6b560 volmgrx - ok
09:23:44.0381 0x6b560 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:23:44.0397 0x6b560 volsnap - ok
09:23:44.0402 0x6b560 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
09:23:44.0414 0x6b560 volume - ok
09:23:44.0419 0x6b560 [ 04BEC879AD7B3FDDD0339B19FECB0160, 8C92755DDB41AD7DDA1643D7F32FAA0FCA7E2C65C69611EB5EC1B3276EA8DBC7 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:23:44.0429 0x6b560 vpci - ok
09:23:44.0436 0x6b560 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:23:44.0447 0x6b560 vsmraid - ok
09:23:44.0474 0x6b560 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe
09:23:44.0535 0x6b560 VSS - ok
09:23:44.0548 0x6b560 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:23:44.0567 0x6b560 VSTXRAID - ok
09:23:44.0572 0x6b560 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:23:44.0587 0x6b560 vwifibus - ok
09:23:44.0593 0x6b560 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
09:23:44.0607 0x6b560 vwififlt - ok
09:23:44.0612 0x6b560 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
09:23:44.0626 0x6b560 vwifimp - ok
09:23:44.0640 0x6b560 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll
09:23:44.0670 0x6b560 W32Time - ok
09:23:44.0675 0x6b560 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:23:44.0687 0x6b560 WacomPen - ok
09:23:44.0700 0x6b560 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll
09:23:44.0729 0x6b560 WalletService - ok
09:23:44.0735 0x6b560 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:23:44.0753 0x6b560 wanarp - ok
09:23:44.0757 0x6b560 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:23:44.0777 0x6b560 wanarpv6 - ok
09:23:44.0809 0x6b560 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe
09:23:44.0872 0x6b560 wbengine - ok
09:23:44.0894 0x6b560 [ 6BE945D6DE02713BAD8627205CDF9F48, F6548EAF5D67DA4682D8B31E5B565606DEAAB9276B44F25F1A4203AB61B9400B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:23:44.0932 0x6b560 WbioSrvc - ok
09:23:44.0939 0x6b560 [ CD24DEEA22152524CCFE859591D12A57, C60ACF77647E5D6EDC10BBBCF974DF264145123C8EDB6506AFA9C949EBA53D7F ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
09:23:44.0951 0x6b560 wcifs - ok
09:23:44.0967 0x6b560 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:23:45.0006 0x6b560 Wcmsvc - ok
09:23:45.0018 0x6b560 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:23:45.0044 0x6b560 wcncsvc - ok
09:23:45.0049 0x6b560 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
09:23:45.0061 0x6b560 wcnfs - ok
09:23:45.0066 0x6b560 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:23:45.0078 0x6b560 WdBoot - ok
09:23:45.0097 0x6b560 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:23:45.0122 0x6b560 Wdf01000 - ok
09:23:45.0131 0x6b560 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:23:45.0149 0x6b560 WdFilter - ok
09:23:45.0154 0x6b560 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:23:45.0173 0x6b560 WdiServiceHost - ok
09:23:45.0178 0x6b560 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:23:45.0194 0x6b560 WdiSystemHost - ok
09:23:45.0210 0x6b560 [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:23:45.0244 0x6b560 wdiwifi - ok
09:23:45.0251 0x6b560 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:23:45.0263 0x6b560 WdNisDrv - ok
09:23:45.0266 0x6b560 WdNisSvc - ok
09:23:45.0274 0x6b560 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:23:45.0296 0x6b560 WebClient - ok
09:23:45.0303 0x6b560 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:23:45.0323 0x6b560 Wecsvc - ok
09:23:45.0328 0x6b560 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:23:45.0343 0x6b560 WEPHOSTSVC - ok
09:23:45.0349 0x6b560 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:23:45.0371 0x6b560 wercplsupport - ok
09:23:45.0378 0x6b560 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:23:45.0398 0x6b560 WerSvc - ok
09:23:45.0405 0x6b560 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
09:23:45.0417 0x6b560 WFPLWFS - ok
09:23:45.0423 0x6b560 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:23:45.0438 0x6b560 WiaRpc - ok
09:23:45.0442 0x6b560 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:23:45.0453 0x6b560 WIMMount - ok
09:23:45.0456 0x6b560 WinDefend - ok
09:23:45.0467 0x6b560 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:23:45.0481 0x6b560 WindowsTrustedRT - ok
09:23:45.0486 0x6b560 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:23:45.0498 0x6b560 WindowsTrustedRTProxy - ok
09:23:45.0515 0x6b560 [ C9E7D91A044B77CBCB4121C06610A86C, 9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:23:45.0552 0x6b560 WinHttpAutoProxySvc - ok
09:23:45.0558 0x6b560 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
09:23:45.0569 0x6b560 WinMad - ok
09:23:45.0578 0x6b560 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:23:45.0596 0x6b560 Winmgmt - ok
09:23:45.0646 0x6b560 [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:23:45.0756 0x6b560 WinRM - ok
09:23:45.0770 0x6b560 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
09:23:45.0782 0x6b560 WINUSB - ok
09:23:45.0787 0x6b560 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
09:23:45.0798 0x6b560 WinVerbs - ok
09:23:45.0812 0x6b560 [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc C:\WINDOWS\system32\flightsettings.dll
09:23:45.0843 0x6b560 wisvc - ok
09:23:45.0885 0x6b560 [ 0ECFEB0CABA7FEE6E14FAD5D6BF4777E, 7C8F69E1B04B5F7853D18216C91233B7DD53760281B295DA7D23024C0D4B378A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:23:45.0976 0x6b560 WlanSvc - ok
09:23:46.0016 0x6b560 [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:23:46.0110 0x6b560 wlidsvc - ok
09:23:46.0117 0x6b560 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:23:46.0129 0x6b560 WmiAcpi - ok
09:23:46.0137 0x6b560 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:23:46.0155 0x6b560 wmiApSrv - ok
09:23:46.0159 0x6b560 WMPNetworkSvc - ok
09:23:46.0168 0x6b560 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:23:46.0190 0x6b560 Wof - ok
09:23:46.0232 0x6b560 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:23:46.0317 0x6b560 workfolderssvc - ok
09:23:46.0327 0x6b560 [ 79BC1B53D405EF546D3B809C6D1699ED, 9D68AC3B0AC24AE87F6152BF4B55E1EC19F2562602C04C3640C380B5B1E8FE76 ] WO_LiveService2 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
09:23:46.0341 0x6b560 WO_LiveService2 - ok
09:23:46.0347 0x6b560 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:23:46.0363 0x6b560 WPDBusEnum - ok
09:23:46.0369 0x6b560 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:23:46.0378 0x6b560 WpdUpFltr - ok
09:23:46.0387 0x6b560 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll
09:23:46.0410 0x6b560 WpnService - ok
09:23:46.0415 0x6b560 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
09:23:46.0432 0x6b560 WpnUserService - ok
09:23:46.0440 0x6b560 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:23:46.0453 0x6b560 ws2ifsl - ok
09:23:46.0461 0x6b560 [ 519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:23:46.0483 0x6b560 wscsvc - ok
09:23:46.0487 0x6b560 [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
09:23:46.0503 0x6b560 WSDPrintDevice - ok
09:23:46.0510 0x6b560 [ 3AA0D972025DB9D298D2AB8513F51ABC, 5B610C6AB50517586740E22EDE739CBFF6D7E88E5F6706787FF86730880BACD3 ] WsDrvInst C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe
09:23:46.0521 0x6b560 WsDrvInst - ok
09:23:46.0525 0x6b560 WSearch - ok
09:23:46.0570 0x6b560 [ 3E63CC6D9F6EEACCCCA2837B812A96CD, 3B472BD0DACB07F0AA70373D20B0CF0241EAC48500B3ED6C6C8D13DD5947C43F ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:23:46.0667 0x6b560 wuauserv - ok
09:23:46.0675 0x6b560 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:23:46.0692 0x6b560 WudfPf - ok
09:23:46.0701 0x6b560 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
09:23:46.0721 0x6b560 WUDFRd - ok
09:23:46.0727 0x6b560 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:23:46.0745 0x6b560 wudfsvc - ok
09:23:46.0753 0x6b560 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:23:46.0774 0x6b560 WUDFWpdFs - ok
09:23:46.0780 0x6b560 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:23:46.0798 0x6b560 WUDFWpdMtp - ok
09:23:46.0826 0x6b560 [ 42DF36725C1B28EF40F94363BA9213ED, 87F7355FEF000326BFFC9ED24D6E32D05F36A549779A1D319603F94E6D8223FD ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:23:46.0887 0x6b560 WwanSvc - ok
09:23:46.0912 0x6b560 [ 38DDEB2AFE7D72B43DB116DACBFB97CD, 516368980793E22034298CA9C800D1AAD5B89979771182B74EB6E5FBC8BA1016 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
09:23:46.0968 0x6b560 XblAuthManager - ok
09:23:46.0994 0x6b560 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
09:23:47.0045 0x6b560 XblGameSave - ok
09:23:47.0063 0x6b560 [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
09:23:47.0083 0x6b560 xboxgip - ok
09:23:47.0106 0x6b560 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
09:23:47.0165 0x6b560 XboxNetApiSvc - ok
09:23:47.0172 0x6b560 [ 864F4209B03BE4267DDE09B067A165CA, C6751CB80940F320A742C38295E4FEEC85F99BE7D6C564AC5F5068E85A82421D ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
09:23:47.0186 0x6b560 xinputhid - ok
09:23:47.0199 0x6b560 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
09:23:47.0215 0x6b560 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
09:23:47.0255 0x6b560 Detect skipped due to KSN trusted
09:23:47.0255 0x6b560 ZAtheros Bt and Wlan Coex Agent - ok
09:23:47.0266 0x6b560 [ 77640C18D4130E84632A2B7EB3B7EA8E, 8C6133B93080737CAD3036BA0A484D11F997F54A4885261D4649C65A6BB37F19 ] {41E8078B-96D9-42DC-8789-A1CF102CD880} C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl
09:23:47.0273 0x6b560 {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok
09:23:47.0291 0x6b560 ================ Scan global ===============================
09:23:47.0296 0x6b560 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
09:23:47.0308 0x6b560 [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll
09:23:47.0324 0x6b560 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
09:23:47.0340 0x6b560 [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
09:23:47.0347 0x6b560 [ Global ] - ok
09:23:47.0348 0x6b560 ================ Scan MBR ==================================
09:23:47.0353 0x6b560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:23:47.0376 0x6b560 \Device\Harddisk0\DR0 - ok
09:23:47.0378 0x6b560 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:23:47.0397 0x6b560 \Device\Harddisk1\DR1 - ok
09:23:47.0398 0x6b560 ================ Scan VBR ==================================
09:23:47.0400 0x6b560 [ D0210EBD38C9759A5E15873A8F694748 ] \Device\Harddisk0\DR0\Partition1
09:23:47.0400 0x6b560 \Device\Harddisk0\DR0\Partition1 - ok
09:23:47.0403 0x6b560 [ 6D4332CEB8E1E3FB69EFEFA758EBABCF ] \Device\Harddisk0\DR0\Partition2
09:23:47.0404 0x6b560 \Device\Harddisk0\DR0\Partition2 - ok
09:23:47.0407 0x6b560 [ 944A5071DD072FE9EDAA6FDB250DEC14 ] \Device\Harddisk1\DR1\Partition1
09:23:47.0408 0x6b560 \Device\Harddisk1\DR1\Partition1 - ok
09:23:47.0410 0x6b560 [ 01B3906E8E0FD4D7530C34D66E5E738F ] \Device\Harddisk1\DR1\Partition2
09:23:47.0411 0x6b560 \Device\Harddisk1\DR1\Partition2 - ok
09:23:47.0413 0x6b560 [ 8569A34794AB3CE7B60FB357FADFEA60 ] \Device\Harddisk1\DR1\Partition3
09:23:47.0413 0x6b560 \Device\Harddisk1\DR1\Partition3 - ok
09:23:47.0416 0x6b560 [ 71BC3AEA3C967FD4929C75F9AAE59798 ] \Device\Harddisk1\DR1\Partition4
09:23:47.0418 0x6b560 \Device\Harddisk1\DR1\Partition4 - ok
09:23:47.0420 0x6b560 [ 362FE74F7A7321792745D4FDC1F35C27 ] \Device\Harddisk1\DR1\Partition5
09:23:47.0421 0x6b560 \Device\Harddisk1\DR1\Partition5 - ok
09:23:47.0423 0x6b560 [ 11683F347371BB55F13112724A67F589 ] \Device\Harddisk1\DR1\Partition6
09:23:47.0423 0x6b560 \Device\Harddisk1\DR1\Partition6 - ok
09:23:47.0426 0x6b560 [ E536E1FEAB06E2AEE7F51DF6A00051B4 ] \Device\Harddisk1\DR1\Partition7
09:23:47.0426 0x6b560 \Device\Harddisk1\DR1\Partition7 - ok
09:23:47.0427 0x6b560 ================ Scan generic autorun ======================
09:23:47.0428 0x6b560 ETDCtrl - ok
09:23:47.0439 0x6b560 [ D159B3B505CEE62F8D10ECDA579BD606, 8FCC605CF54C2C9E9AE1BE2DDF6AF093D0A5288DE1EEFB9941EA0EC32DBD267F ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
09:23:47.0459 0x6b560 Acronis Scheduler2 Service - ok
09:23:47.0475 0x6b560 [ A7296BC11F8EC947C67951146FC6D5A3, C389A2A163256C0BAF9B061343D4F000313FEB6D1A36F6E4F9771271A9D9F43B ] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
09:23:47.0496 0x6b560 Samsung Link - ok
09:23:47.0502 0x6b560 [ ADEA393B2B49EB25578702F4F5525E93, 8F0AB94BEA3751C566CBFF2F9A29495CCAC029DE3721107BBA892A418FD70581 ] C:\Program Files\iTunes\iTunesHelper.exe
09:23:47.0514 0x6b560 iTunesHelper - ok
09:23:47.0593 0x6b560 [ C1FD98DEC4C671B515E474D9389327E9, 5AB932EFFE99C000E57543597784BC00292B7B3864DB96D3F785FA2C5B9E4ABA ] C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
09:23:47.0702 0x6b560 Ashampoo WinOptimizer Live-Tuner2 - ok
09:23:47.0792 0x6b560 [ 9929483D4AC95843BBA8863DDDB3169F, 8781DDEA432949D7BCE509A6FB125D65113E08F3C715CD731659E84230B32A1F ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
09:23:47.0898 0x6b560 TrueImageMonitor.exe - ok
09:23:47.0906 0x6b560 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
09:23:47.0915 0x6b560 HP Software Update - ok
09:23:47.0928 0x6b560 [ 2A26BDCD8313E545D7489BC39DC68988, B11858CE289FF38A58AA43C0128EF304911934E7A1E90C524640B6DB10FE21E8 ] C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe
09:23:47.0944 0x6b560 PowerDVD16Agent - ok
09:23:47.0958 0x6b560 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:23:47.0976 0x6b560 SunJavaUpdateSched - ok
09:23:47.0981 0x6b560 [ 798C9A56A5232139D8E9C493B5970BED, 985FB428D05EC52BB8C7D28FAD9C9A1DF5FFC10ABF6CB7FAF7545F6E6663F5A6 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
09:23:47.0988 0x6b560 ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
09:23:48.0021 0x6b560 Detect skipped due to KSN trusted
09:23:48.0021 0x6b560 ProductUpdater - ok
09:23:48.0060 0x6b560 [ 12DDA5DE47461555B28954C6711399B4, 35AD5AD8C6E0479EC2FCEBEFA38E69227E5178B9B9D70E7891F9CEBE7491B80A ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
09:23:48.0109 0x6b560 Wondershare Helper Compact.exe - ok
09:23:48.0120 0x6b560 [ 367C0DDBB49D85EAC7BD70288305C566, D72547B7F7C6BAB702DA51E5257C146EAA01F8AA67DBA6B488E1136FF157A0A2 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
09:23:48.0134 0x6b560 AcronisTibMounterMonitor - ok
09:23:48.0135 0x6b560 Malwarebytes Anti-Exploit - ok
09:23:48.0187 0x6b560 [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
09:23:48.0250 0x6b560 KeePass 2 PreLoad - ok
09:23:48.0257 0x6b560 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
09:23:48.0265 0x6b560 Avira SystrayStartTrigger - ok
09:23:48.0267 0x6b560 [ 256F960FABA68B4F0298B43A680A982F, F8F4C5449B73256D75357CE572726D4D968BAD0FCFFF5576791FFBC07C565528 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
09:23:48.0275 0x6b560 Avira System Speedup User Starter - ok
09:23:48.0297 0x6b560 [ ABE3CD91271DA8A9AFA62B9AF0E18F85, 59FCDEE6A0ECC300646CED15ECC80CEA0DB105C2C6140D8C9D8FAC9C13D92BEB ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
09:23:48.0317 0x6b560 avgnt - ok
09:23:48.0487 0x6b560 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:48.0691 0x6b560 OneDriveSetup - ok
09:23:48.0862 0x6b560 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:49.0050 0x6b560 OneDriveSetup - ok
09:23:49.0072 0x6b560 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\hochs\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:23:49.0091 0x6b560 OneDrive - ok
09:23:49.0095 0x6b560 [ B8B49465436831BCAB9240153CC7E81E, 201C82AE84D15D39D087D62051E5547E982890ED344E73C77F8AE1302B1A495F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
09:23:49.0102 0x6b560 iCloudServices - ok
09:23:49.0124 0x6b560 [ DE2E1198B4D01AA71F35350BEECFA519, 51806EE62498D989B47781C716BF41797B922B070AE939EDBF971C666C324BB2 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
09:23:49.0153 0x6b560 AppleIEDAV - ok
09:23:49.0159 0x6b560 [ C4DA7E331F756620CD18FF925D2597C1, 0FBEA1A3D688263D7A9DC8E08E91AC8198CF1B37E781DFDE2603ECE3BD768415 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
09:23:49.0167 0x6b560 iCloudDrive - ok
09:23:49.0176 0x6b560 [ E70B52CB164F306F938712D50E6402D1, 51A53C8D4C623118B5189F2EDAC5F27853E1FE74FAA762CFEE2B6A5FD45932DC ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
09:23:49.0190 0x6b560 iCloudPhotos - ok
09:23:49.0191 0x6b560 Adobe Acrobat Synchronizer - ok
09:23:49.0241 0x6b560 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
09:23:49.0298 0x6b560 HP Officejet 6700 (NET) - ok
09:23:49.0378 0x6b560 [ EE5509111E1E0A2ADDB394D97BDB4F26, 8E4633E819CB202A1882FAD4E977D24678800022BF71DFF6634B47EC60FB7FDC ] C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
09:23:49.0474 0x6b560 AudialsNotifier - ok
09:23:49.0559 0x6b560 [ A4E63989975DB877275CA3C77A0B301E, 2F0C9F08A2113C7DA2EF4581271BE73ECFA9CBC54F7B181841E7FF765538E011 ] C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
09:23:49.0666 0x6b560 Bria 4 - ok
09:23:49.0675 0x6b560 [ 72EC72C46C46D41CFB1C08418CE08725, 40DE136C69D8F3F2762C30F35E0F7B1BB62F099BA4F33401163EE13DE93F9BE5 ] C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe
09:23:49.0690 0x6b560 Yahoo Messenger Updater - ok
09:23:49.0692 0x6b560 Yahoo Messenger - ok
09:23:49.0852 0x6b560 [ 16FC969FA39003941452B3E7C8B35BDF, 875C881C54AB5D75DBBC7B9CA0D5E629417365DF53FDD4498A7DE657762F97F8 ] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
09:23:50.0152 0x6b560 Free Download Manager - detected UnsignedFile.Multi.Generic ( 1 )
09:23:50.0190 0x6b560 Detect skipped due to KSN trusted
09:23:50.0190 0x6b560 Free Download Manager - ok
09:23:50.0210 0x6b560 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
09:23:50.0243 0x6b560 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
09:23:50.0276 0x6b560 Detect skipped due to KSN trusted
09:23:50.0276 0x6b560 SpybotPostWindows10UpgradeReInstall - ok
09:23:50.0280 0x6b560 [ F50F291B426BC96CBC756E6E3767289D, 66A918A6FB2DBFC8351317C074553B1ABDCA15FF934F91EBED9AB234819C2EA2 ] C:\Program Files (x86)\Sticky Password\stpass.exe
09:23:50.0287 0x6b560 StickyPassword - ok
09:23:50.0290 0x6b560 [ F50F291B426BC96CBC756E6E3767289D, 66A918A6FB2DBFC8351317C074553B1ABDCA15FF934F91EBED9AB234819C2EA2 ] C:\Program Files (x86)\Sticky Password\stpass.exe
09:23:50.0297 0x6b560 StickyPassword - ok
09:23:50.0445 0x6b560 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:50.0642 0x6b560 OneDriveSetup - ok
09:23:50.0660 0x6b560 [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
09:23:50.0692 0x6b560 WAB Migrate - ok
09:23:50.0693 0x6b560 Waiting for KSN requests completion. In queue: 27
09:23:51.0703 0x6b560 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.19.163 ), 0x41000 ( enabled : updated )
09:23:51.0703 0x6b560 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x60100 ( disabled : updated )
09:23:51.0706 0x6b560 Win FW state via NFP2: enabled ( trusted )
09:23:51.0776 0x6b560 ============================================================
09:23:51.0776 0x6b560 Scan finished
09:23:51.0776 0x6b560 ============================================================
09:23:51.0781 0x6b738 Detected object count: 1
09:23:51.0781 0x6b738 Actual detected object count: 1
09:24:36.0757 0x6b738 chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:36.0757 0x6b738 chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
07.09.2016, 13:15
| #6 |
| /// Malwareteam | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Hi, Schritt # 1: MBAM Lade dir, falls nicht schon vorhanden,  Malwarebytes Anti-Malware herunter, installiere und starte es.
Schritt # 2: AdwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt # 3: FRST Und noch ein frisches FRST-Log bitte. Schritt # 4: Bitte Posten
__________________ --> Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus |
|
07.09.2016, 16:30
| #7 |
| | Hier das Log von MBAN Lieber Dennis Danke für deine Hilfe, hier das Log von MBAN : Code:
ATTFilter <?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/09/07 16:49:35 +0200</date>
<logfile>mbam-log-2016-09-07 (16-49-14).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.09.07.06</malware-database>
<rootkit-database>v2016.08.15.01</rootkit-database>
<license>premium</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>DESKTOP-GBIJB17</hostname>
<ip>192.168.1.20</ip>
<osversion>Windows 10</osversion>
<arch>x64</arch>
<username>admin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>428196</objects>
<time>333</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
Code:
ATTFilter <?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.162743+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="eba49f95-1fe1-4b0c-b5b8-97b646a9390f" result="Starting" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.167747+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="85c85f3e-74cc-4b67-9086-15b22c866286" result="Started" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.182749+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="e02deb65-b4f8-4a65-bb59-c64a441b201a" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:18.063509+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="3e74c914-ad71-493f-8ed6-d2f5d755bbf5" result="Started" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.425455+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.12.1" last_modified_tag="f5959d8a-3754-40f5-9f47-0ba3dcc9d19f" name="Remediation Database" toVersion="2016.8.31.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.461983+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.8.1" last_modified_tag="9394d191-8473-4287-94d7-9679fe061489" name="Rootkit Database" toVersion="2016.8.15.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.475657+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.8.1" last_modified_tag="fe3f1cdb-beba-450d-ba81-1bf5e47973b4" name="IP Database" toVersion="2016.9.7.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.631273+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.16.8" last_modified_tag="10fa6932-c2e8-4c54-b9fe-78cc90a6ee3f" name="Domain Database" toVersion="2016.9.7.3"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:35.857218+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.16.6" last_modified_tag="d215d326-05f3-4de6-a9f5-84b1448d37bc" name="Malware Database" toVersion="2016.9.7.6"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:35.883253+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="6f5a4e8b-eff7-4343-84f3-f9b50979e8f6" result="Starting" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:35.889244+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="89034231-18b0-4c89-8dcb-9f755ab6a32c" result="Stopping" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:36.175099+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="d606d382-2517-47aa-b136-13517df998be" result="Stopped" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:40.437247+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="df4dde4f-f08a-4edf-b1bb-d8ca1f5af30e" result="Success" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:40.448243+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="bd4ce68e-70d6-4a8e-adee-07b8b2036355" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:41.933872+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="6a741642-f842-4485-8cc0-4484f4e1a671" result="Started" subtype="Malicious Website Protection"></record>
<record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-09-07T16:49:35+02:00" datetime="2016-09-07T16:55:09.372561+02:00" source="Context" type="Scan" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="71da74eb-3a63-4e33-bfce-e4f0e9b43dc2" duration="333" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.303397+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="ba6251ed-5892-483d-ba1e-a8d59b4b2ce0" result="Starting" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.309414+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="c8acf483-bd69-4ce9-b322-d66bf3de45ba" result="Started" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.326412+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="5a6e221b-62a3-48fe-8ad3-8010023a98ee" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:49.783248+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="3a457452-0e04-48c2-a92f-71e078bf3907" result="Started" subtype="Malicious Website Protection"></record>
</logs>
Code:
ATTFilter # AdwCleaner v6.010 - Bericht erstellt am 07/09/2016 um 17:06:12
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-06.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : admin - DESKTOP-GBIJB17
# Gestartet von : C:\Users\hochs\Downloads\AdwCleaner_6.010.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Ordner Gefunden: C:\Program Files (x86)\Common Files\freemake shared
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden: HKU\.DEFAULT\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\INSTALLPATH\STATUS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-18\Software\OCS
Schlüssel Gefunden: HKCU\Software\OCS
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
\AdwCleaner\AdwCleaner[C1].txt - [13018 Bytes] - [08/08/2016 17:17:07]
\AdwCleaner\AdwCleaner[C2].txt - [2328 Bytes] - [16/08/2016 23:35:07]
\AdwCleaner\AdwCleaner[C3].txt - [1921 Bytes] - [28/08/2016 11:22:54]
\AdwCleaner\AdwCleaner[S1].txt - [12596 Bytes] - [08/08/2016 17:15:53]
\AdwCleaner\AdwCleaner[S2].txt - [2288 Bytes] - [16/08/2016 23:32:17]
\AdwCleaner\AdwCleaner[S3].txt - [2361 Bytes] - [16/08/2016 23:34:29]
\AdwCleaner\AdwCleaner[S4].txt - [1876 Bytes] - [28/08/2016 11:17:50]
\AdwCleaner\AdwCleaner[S5].txt - [1949 Bytes] - [28/08/2016 11:22:02]
\AdwCleaner\AdwCleaner[S6].txt - [2123 Bytes] - [07/09/2016 17:06:12]
########## EOF - \AdwCleaner\AdwCleaner[S6].txt - [2194 Bytes] ##########
[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von hochs (ACHTUNG: der Benutzer ist kein Administrator) auf DESKTOP-GBIJB17 (07-09-2016 17:14:12) Gestartet von C:\Users\hochs\Downloads Geladene Profile: hochs (Verfügbare Profile: hochs & admin & Administrator) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dwm.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dasHost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> nvvsvc.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> nvxdsync.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> sched.exe konnte nicht auf den Prozess zugreifen -> schedul2.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> AdminService.exe konnte nicht auf den Prozess zugreifen -> Avira.VpnService.exe konnte nicht auf den Prozess zugreifen -> Avira.SoftwareUpdater.ServiceHost.exe konnte nicht auf den Prozess zugreifen -> avguard.exe konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe konnte nicht auf den Prozess zugreifen -> chip 1-click installer.exe konnte nicht auf den Prozess zugreifen -> BitBoxService.exe konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe konnte nicht auf den Prozess zugreifen -> AGSService.exe konnte nicht auf den Prozess zugreifen -> TeamViewer_Service.exe konnte nicht auf den Prozess zugreifen -> app_updater.exe konnte nicht auf den Prozess zugreifen -> Avira.SystemSpeedup.SpeedupService.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe konnte nicht auf den Prozess zugreifen -> afcdpsrv.exe konnte nicht auf den Prozess zugreifen -> ManyCamService.exe konnte nicht auf den Prozess zugreifen -> AllShareFrameworkManagerDMS.exe konnte nicht auf den Prozess zugreifen -> Samsung Link.exe konnte nicht auf den Prozess zugreifen -> Ath_CoexAgent.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> UsbClientService.exe konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe konnte nicht auf den Prozess zugreifen -> Samsung Link.exe konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe konnte nicht auf den Prozess zugreifen -> mms_mini.exe konnte nicht auf den Prozess zugreifen -> AllShareFrameworkDMS.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> avshadow.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> avmailc7.exe konnte nicht auf den Prozess zugreifen -> avwebg7.exe konnte nicht auf den Prozess zugreifen -> GoogleUpdate.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (EJIE Technology) C:\Program Files (x86)\Clover\clover.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe konnte nicht auf den Prozess zugreifen -> iPodService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe (CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe (The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe (Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe (Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe konnte nicht auf den Prozess zugreifen -> HPSupportSolutionsFrameworkService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> mobile_backup_server.exe konnte nicht auf den Prozess zugreifen -> mobile_backup_status_server.exe konnte nicht auf den Prozess zugreifen -> syncagentsrv.exe konnte nicht auf den Prozess zugreifen -> LiveTunerService.exe konnte nicht auf den Prozess zugreifen -> NASvc.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] () HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat [100 2016-09-07] () <===== ACHTUNG HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] () HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.) HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe" ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01] ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung) Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] () Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation) BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] () Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation) Edge: ====== Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm [] FireFox: ======== FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default FF Homepage: hxxps://www.startpage.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26] FF Extension: (SetupVPN) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\@setupvpncom.xpi [2016-09-02] FF Extension: (Avira Browser Safety) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\abs@avira.com [2016-09-01] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26] FF Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\safesearchplus2@avira.com [2016-09-01] FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26] FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz FF Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz [2016-09-02] FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden Chrome: ======= CHR HomePage: Default -> hxxps://startseite.com/ CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch CHR DefaultSearchKeyword: Default -> https://startpage.com CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15] CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15] CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07] CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15] CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15] CHR Extension: (Avira Browserschutz) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-02] CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15] CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26] CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27] CHR Extension: (Disconnect Search) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2016-09-02] CHR Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2016-09-02] CHR Extension: (Disconnect) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2016-09-02] CHR Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaafoaobjaplofpihlhbcbcjhmgnjplf [2016-09-02] CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23] CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15] CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15] CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] () R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] () R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG) R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert] R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] () R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect) S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.) R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH) R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH) R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] () R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation) R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] () S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd) R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH) R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] () R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] () S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project) R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG) S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH) R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH) R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.) S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation) R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.) U3 DfSdkS; kein ImagePath S3 NPF; system32\drivers\NPF.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 17:14 - 2016-09-07 17:14 - 00039554 _____ C:\Users\hochs\Downloads\FRST.txt 2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe 2016-09-07 17:03 - 2016-09-07 17:03 - 03826240 _____ C:\Users\hochs\Downloads\AdwCleaner_6.010.exe 2016-09-07 16:49 - 2016-09-07 16:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-07 16:49 - 2016-09-07 16:49 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-09-07 16:49 - 2016-09-07 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-09-07 16:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-07 16:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-07 16:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-07 16:47 - 2016-09-07 16:48 - 22851472 _____ (Malwarebytes ) C:\Users\hochs\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-05 20:21 - 2016-09-05 20:30 - 00000000 ____D C:\Users\hochs\Downloads\okindoft.mkv - hd-area.org 2016-09-05 18:43 - 2016-09-06 18:45 - 00000000 ____D C:\Users\hochs\Downloads\Overkill.Durch.die.Hoelle.zur.Ewigkeit.1980.German.720p.BluRay.x264-GMA - filecrypt.cc 2016-09-04 17:18 - 2016-09-04 17:20 - 00000000 ____D C:\Users\hochs\Downloads\Rampage.President.Down.German.2016.AC3.BDRip.x264-COiNCiDENCE - filecrypt.cc 2016-09-04 14:39 - 2016-09-04 14:44 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.XViD-MULTiPLEX - filecrypt.cc 2016-09-04 14:23 - 2015-12-18 19:48 - 00000000 ____D C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portable 2016-09-04 14:22 - 2016-09-04 14:23 - 67134548 _____ C:\Users\hochs\Downloads\SolveigMM_Video_Splitter_5.2.1512.16_Business_Edition_&_Portable.rar 2016-09-04 14:06 - 2016-09-04 14:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Solveig Multimedia 2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia 2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia 2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia 2016-09-04 14:05 - 2016-09-04 14:05 - 35725504 _____ (Solveig Multimedia ) C:\Users\hochs\Downloads\SolveigMM_AVI_Trimmer_5_0_1603_23.exe 2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk 2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage 2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software 2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Haenlein-Software 2016-09-04 13:55 - 2016-09-04 13:55 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21 (1).exe 2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3 2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk 2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3 2016-09-04 13:53 - 2016-09-04 13:53 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21.exe 2016-09-04 13:15 - 2016-09-04 13:24 - 1430589050 _____ C:\Users\hochs\Downloads\Die_Mothman_Prophezeiungen_16.09.03_20-15_zdfneo_115_TVOON_DE.mpg.HD.avi 2016-09-04 13:10 - 2016-09-04 13:24 - 45314000 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4 2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk 2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager 2016-09-04 12:31 - 2016-09-04 12:33 - 07070852 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.crdownload 2016-09-04 12:19 - 2016-09-04 12:32 - 3008565993 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.fdmdownload 2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView 2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar 2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe 2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt 2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command 2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin 2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung 2016-09-04 11:56 - 2016-09-04 11:56 - 01474568 _____ C:\Users\hochs\Downloads\MediathekView - CHIP-Installer.exe 2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip 2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk 2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0 2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0 2016-09-04 11:25 - 2016-09-04 11:25 - 01678787 _____ (BeeThink SoftWare, Inc. ) C:\Users\hochs\Downloads\BeeThink_SpyDetector2.0_setup.exe 2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DVDVideoSoft 2016-09-04 06:12 - 2016-09-04 06:12 - 01222600 _____ (AVM Software Inc.) C:\Users\hochs\Downloads\pal_install_r132144.exe 2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk 2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk 2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk 2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger 2016-09-03 11:03 - 2016-09-03 11:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WhatsApp 2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt 2016-09-03 09:21 - 2016-09-03 09:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Downloads\tdsskiller.exe 2016-09-03 08:37 - 2016-09-03 08:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo! 2016-09-02 23:24 - 2016-09-02 23:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HpUpdate 2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk 2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser 2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop 2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows 2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows 2016-09-02 18:08 - 2016-09-02 18:10 - 71515456 _____ (Disconnect) C:\Users\hochs\Downloads\Disconnect+Desktop.exe 2016-09-02 13:58 - 2016-09-02 14:02 - 00000000 ____D C:\Users\hochs\Downloads\tpdhso 2016-09-02 12:12 - 2016-09-02 13:00 - 00000000 ___RD C:\Users\hochs\Downloads\Schrei.wenn.der.Tingler.kommt.1959.German.720p.BluRay.x264-iFPD 2016-09-02 12:12 - 2016-09-02 12:12 - 68821442 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part23.rar 2016-09-02 12:12 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part22.rar 2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part21.rar 2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part20.rar 2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part19.rar 2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part18.rar 2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part17.rar 2016-09-02 12:11 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part16.rar 2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part15.rar 2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part14.rar 2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part13.rar 2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part12.rar 2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part11.rar 2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part10.rar 2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part09.rar 2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part08.rar 2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part07.rar 2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part06.rar 2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part05.rar 2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part03.rar 2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part04.rar 2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part02.rar 2016-09-02 12:08 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part01.rar 2016-09-02 12:05 - 2016-09-02 12:05 - 00006896 _____ C:\Users\hochs\Downloads\29e105b4b84827c1a7694d1a138117dd9c84549f.dlc 2016-09-02 10:30 - 2016-09-02 10:31 - 91468472 _____ (Adobe Systems Incorporated) C:\Users\hochs\Downloads\AcroRdrDC1501720050_de_DE.exe 2016-09-02 10:29 - 2016-09-02 10:29 - 00134646 _____ C:\Users\hochs\Downloads\Offerte P-2017 Urs Hochstrasser neu.pdf 2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira 2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt 2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages 2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform 2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe 2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore 2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer 2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers 2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google 2016-09-02 03:32 - 2016-09-02 03:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Lamantine 2016-09-02 03:30 - 2016-09-07 02:50 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords 2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk 2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords 2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub 2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password 2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password 2016-09-02 03:28 - 2016-09-02 03:29 - 30170336 _____ (Lamantine Software ) C:\Users\hochs\Downloads\StickyPassword_rev808116.exe 2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin 2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten 2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten 2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup 2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll 2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys 2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH 2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help 2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office 2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache 2016-09-01 16:16 - 2016-09-01 16:19 - 00000000 ____D C:\Users\hochs\Downloads\86updajulfg3s5d4f 2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk 2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk 2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache 2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico 2016-09-01 16:04 - 2016-09-01 17:37 - 00000000 ___HD C:\Users\hochs\Downloads\.ptmp121163 2016-09-01 15:42 - 2016-09-01 15:48 - 00000000 ____D C:\Users\hochs\Downloads\Der.Gendarm.vom.Broadway.1965.GERMAN.DL.720p.HDTV.x264-CDD - filecrypt.cc 2016-09-01 15:23 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Avira 2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini 2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2016-09-01 15:10 - 2016-09-01 15:11 - 225639816 _____ C:\Users\hochs\Downloads\avira_antivirus_de-de.exe 2016-09-01 14:44 - 2016-09-01 14:44 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de(1).exe 2016-09-01 14:43 - 2016-09-01 14:43 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de.exe 2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk 2016-09-01 14:30 - 2016-09-01 14:30 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_57c81f542973f__ws.exe 2016-09-01 14:28 - 2016-09-01 14:28 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de(1).exe 2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk 2016-09-01 14:17 - 2016-09-01 14:17 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de.exe 2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL 2016-09-01 14:12 - 2016-09-01 14:13 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_3021944647_ciukpe49j82kusl080x2_wd.exe 2016-09-01 14:09 - 2016-09-01 14:09 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_issudl_3010720132__ws.exe 2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira 2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk 2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2016-09-01 13:51 - 2016-09-07 17:08 - 00000000 ____D C:\Users\Public\Speedup Sessions 2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira 2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira 2016-09-01 13:51 - 2016-09-01 13:51 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_atss0_3021944647_tuea2maioyrais5w1baz_wd.exe 2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin 2016-09-01 13:14 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Kirschblueten.und.rote.Bohnen.2015.German.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc 2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin 2016-09-01 12:45 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Schweinskopf.Al.Dente.2016.TS.MD.German.XViD-SLiMER - filecrypt.cc 2016-09-01 11:22 - 2016-09-01 11:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\QuickScan 2016-09-01 11:15 - 2016-09-01 11:16 - 80334050 _____ C:\Users\hochs\Downloads\openatv-5.3-vusolose-20160901_usb.zip 2016-09-01 08:39 - 2016-09-01 08:39 - 01065376 _____ (Google Inc.) C:\Users\hochs\Downloads\ChromeSetup.exe 2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-01 08:37 - 2016-09-01 08:37 - 00000826 _____ C:\Users\hochs\Downloads\Preferences.xml 2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-09-01 08:32 - 2016-09-01 08:32 - 00071464 _____ C:\Users\hochs\Downloads\2016_08_31-1-Kontoauszug.pdf 2016-09-01 07:19 - 2016-09-01 07:19 - 00004944 _____ C:\Users\hochs\Downloads\DISKSTATION216_20160901.dss 2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll 2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll 2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys |
|
07.09.2016, 16:31
| #8 |
| | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus FRST Log Teil 2 Code:
ATTFilter 2016-09-01 02:29 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2016-09-01 02:29 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2016-09-01 02:29 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-09-01 02:29 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-09-01 02:29 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-09-01 02:29 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-09-01 02:29 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-09-01 02:29 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-09-01 02:29 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2016-09-01 02:29 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-09-01 02:29 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2016-09-01 02:29 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-09-01 02:29 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-09-01 02:29 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-09-01 02:29 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-09-01 02:29 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-09-01 02:29 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-09-01 02:29 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-09-01 02:29 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-09-01 02:29 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2016-09-01 02:29 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-09-01 02:29 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-09-01 02:29 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-09-01 02:29 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-09-01 02:29 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-09-01 02:29 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-09-01 02:29 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-09-01 02:29 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-09-01 02:29 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-09-01 02:29 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2016-09-01 02:29 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-09-01 02:29 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2016-09-01 02:29 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL 2016-09-01 02:29 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-09-01 02:29 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2016-09-01 02:29 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-09-01 02:29 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL 2016-09-01 02:29 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2016-09-01 02:29 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2016-09-01 02:29 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2016-09-01 02:29 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-09-01 02:29 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL 2016-09-01 02:29 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-09-01 02:29 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2016-09-01 02:29 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2016-09-01 02:29 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-09-01 02:29 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-09-01 02:29 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2016-09-01 02:29 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys 2016-09-01 02:29 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2016-09-01 02:29 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-09-01 02:29 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll 2016-09-01 02:29 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-09-01 02:29 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-09-01 02:29 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2016-09-01 02:29 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2016-09-01 02:29 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2016-09-01 02:29 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-09-01 02:29 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-09-01 02:29 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-09-01 02:29 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL 2016-09-01 02:29 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2016-09-01 02:29 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-09-01 02:29 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2016-09-01 02:29 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-09-01 02:29 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL 2016-09-01 02:29 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL 2016-09-01 02:29 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-09-01 02:29 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-09-01 02:29 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-09-01 02:29 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-09-01 02:29 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-09-01 02:29 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-09-01 02:29 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-09-01 02:29 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-09-01 02:29 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-09-01 02:29 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-09-01 02:29 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-09-01 02:29 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-09-01 02:29 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-09-01 02:29 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-01 02:29 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-09-01 02:29 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-09-01 02:29 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-09-01 02:29 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-09-01 02:29 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-09-01 02:29 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-09-01 02:29 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-09-01 02:29 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2016-09-01 02:29 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-09-01 02:29 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-09-01 02:29 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-09-01 02:29 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-09-01 02:29 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2016-09-01 02:29 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-09-01 02:29 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2016-09-01 02:29 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2016-09-01 02:29 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-09-01 02:29 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-09-01 02:29 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2016-09-01 02:29 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2016-09-01 02:29 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-09-01 02:29 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-09-01 02:29 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2016-09-01 02:29 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-09-01 02:29 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-09-01 02:29 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-09-01 02:29 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-09-01 02:29 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-09-01 02:29 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-09-01 02:29 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-09-01 02:29 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-09-01 02:29 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-09-01 02:29 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-09-01 02:29 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-09-01 02:29 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2016-09-01 02:29 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2016-09-01 02:29 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-09-01 02:29 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2016-09-01 02:29 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-09-01 02:29 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-09-01 02:29 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-09-01 02:29 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-09-01 02:29 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2016-09-01 02:29 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-09-01 02:29 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-09-01 02:29 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-09-01 02:29 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-09-01 02:29 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2016-09-01 02:29 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-09-01 02:29 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-09-01 02:29 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-09-01 02:29 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-09-01 02:29 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-09-01 02:29 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-09-01 02:29 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-09-01 02:29 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-09-01 02:29 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2016-09-01 02:09 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Desktop\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin 2016-09-01 02:08 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Downloads\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin 2016-09-01 01:36 - 2016-09-01 01:37 - 08780008 _____ C:\Users\hochs\Downloads\TVCSUTSetup_V1.0.0.2.exe 2016-09-01 01:03 - 2016-09-01 01:03 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-09-01 01:03 - 2016-09-01 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-09-01 01:02 - 2016-09-01 01:02 - 30533688 _____ C:\Users\hochs\Downloads\vlc-2.2.4-win32.exe 2016-09-01 01:02 - 2016-09-01 01:02 - 30533688 _____ C:\Users\hochs\Downloads\vlc-2.2.4-win32(1).exe 2016-09-01 01:01 - 2016-09-01 01:17 - 00000000 ____D C:\Users\hochs\AppData\Roaming\dvblinkplayer 2016-09-01 01:00 - 2016-09-01 01:01 - 00001401 _____ C:\Users\Public\Desktop\DVBLink Viewer.lnk 2016-09-01 01:00 - 2016-09-01 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBLink 2016-09-01 01:00 - 2016-09-01 01:00 - 00000000 ____D C:\Program Files (x86)\DVBLogic 2016-09-01 00:26 - 2016-09-01 00:26 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk 2016-09-01 00:26 - 2016-09-01 00:26 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk 2016-09-01 00:26 - 2016-09-01 00:26 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk 2016-09-01 00:26 - 2016-09-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0 2016-09-01 00:24 - 2016-09-01 00:24 - 05425856 _____ (Alexander Miehlke Softwareentwicklung ) C:\Users\hochs\Downloads\traxex70.exe 2016-08-31 14:48 - 2016-08-31 14:52 - 1301259155 _____ C:\Users\hochs\Downloads\Mama Macht S Moeglich.mp4 2016-08-31 14:46 - 2016-08-31 14:46 - 00000000 ____D C:\Users\hochs\Downloads\Ein Fall für zwei - Tod eines Leibwächters 2016-08-31 14:41 - 2016-08-31 14:46 - 2414733861 _____ C:\Users\hochs\Downloads\2016-08-26_14.40_ZDFneo_Ein-Fall-fuer-zwei_Schlechte-Karten.mp4 2016-08-31 14:41 - 2016-08-31 14:46 - 2414650592 _____ C:\Users\hochs\Downloads\Ein-Fall-fuer-zwei_Tod-eines-Leibwaechters.mp4 2016-08-31 14:25 - 2016-08-31 14:34 - 2557520455 _____ C:\Users\hochs\Downloads\Besondere Schwere Der Schuld.mp4 2016-08-31 14:25 - 2016-08-31 14:30 - 1626838601 _____ C:\Users\hochs\Downloads\Female Body Inspectors.mp4 2016-08-31 11:44 - 2016-08-31 11:44 - 00241560 _____ C:\Users\hochs\Downloads\160831_WS_P+PRIO+5_SI_1__25172425.pdf 2016-08-31 08:32 - 2016-09-01 10:06 - 00000402 _____ C:\Users\hochs\Downloads\mailpv.cfg 2016-08-31 07:48 - 2016-06-26 12:52 - 00015574 _____ C:\Users\hochs\Downloads\mailpv.chm 2016-08-31 07:48 - 2016-06-26 12:52 - 00010952 _____ C:\Users\hochs\Downloads\readme.txt 2016-08-31 06:32 - 2016-08-31 07:22 - 00000600 _____ C:\Users\hochs\AppData\Roaming\winscp.rnd 2016-08-31 06:10 - 2016-08-31 06:11 - 93009920 _____ C:\Users\hochs\Desktop\PlexMediaServer-1.0.3.2461-35f0caa-x86.spk 2016-08-31 05:48 - 2016-08-31 05:48 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2016-08-30 20:54 - 2016-08-30 20:54 - 00000270 _____ C:\Users\hochs\Downloads\blank.tif 2016-08-30 19:22 - 2016-08-30 19:22 - 00000151 _____ C:\Users\hochs\Downloads\stream (2).m3u 2016-08-30 19:21 - 2016-08-30 19:21 - 00000151 _____ C:\Users\hochs\Downloads\stream.m3u 2016-08-30 19:21 - 2016-08-30 19:21 - 00000151 _____ C:\Users\hochs\Downloads\stream (1).m3u 2016-08-30 18:28 - 2016-08-30 18:29 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStation 2016-08-30 18:28 - 2016-08-30 18:28 - 00001368 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk 2016-08-30 18:25 - 2016-08-30 18:27 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStationBackup 2016-08-30 18:25 - 2016-08-30 18:25 - 00001410 _____ C:\Users\Public\Desktop\Synology Cloud Station Backup.lnk 2016-08-30 18:25 - 2016-08-30 18:25 - 00000042 ____H C:\Users\hochs\.uuid 2016-08-30 14:17 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Open.Road.Wohin.wird.der.Weg.sie.fuehren.2013.German.DL.1080p.BluRay.x264-CONTRiBUTiON - hd-area.org 2016-08-30 13:53 - 2016-08-30 13:54 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Paltalk 2016-08-30 13:53 - 2016-08-30 13:53 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk 2016-08-30 13:53 - 2016-08-30 13:53 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk 2016-08-30 13:53 - 2016-08-30 13:53 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2016-08-30 09:18 - 2016-08-30 09:19 - 00313742 _____ C:\TDSSKiller.3.1.0.11_30.08.2016_09.18.51_log.txt 2016-08-30 09:18 - 2016-08-30 09:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Desktop\tdsskiller.exe 2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology 2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\Program Files (x86)\Synology 2016-08-30 02:57 - 2016-08-30 02:57 - 00001248 _____ C:\Users\Public\Desktop\Synology Assistant.lnk 2016-08-30 02:57 - 2016-08-30 02:57 - 00000000 ____D C:\ProgramData\Synology 2016-08-30 02:22 - 2016-09-01 16:49 - 00000000 ____D C:\Users\hochs\Downloads\AdobeAcrobatXIPro11 0 17ISOPentiumXForce 2016-08-30 02:17 - 2016-08-30 02:22 - 00000000 ____D C:\Users\hochs\Downloads\share-online.biz 2016-08-30 01:23 - 2016-08-30 01:23 - 00531368 _____ (Simon Tatham) C:\Users\hochs\Downloads\putty.exe 2016-08-30 01:23 - 2016-08-30 01:23 - 00334760 _____ (Simon Tatham) C:\Users\hochs\Downloads\puttytel.exe 2016-08-29 18:31 - 2016-08-29 18:32 - 00000000 ___RD C:\Users\hochs\Downloads\Guernica.German.2016.AC3.DVDRiP.x264-SAViOUR 2016-08-29 17:14 - 2016-08-29 17:14 - 00000000 ____D C:\Users\hochs\Desktop\Unpacked 2016-08-29 16:39 - 2016-08-29 18:33 - 00003637 _____ C:\Users\hochs\Downloads\Load.ini 2016-08-29 16:39 - 2016-08-29 16:41 - 00000000 ____D C:\Users\hochs\Downloads\Data 2016-08-29 16:36 - 2016-08-29 18:30 - 00000000 ____D C:\Users\hochs\AppData\Roaming\PeaZip 2016-08-29 16:35 - 2016-08-29 16:36 - 04806656 _____ (CandiSoft) C:\Users\hochs\Downloads\Load.exe 2016-08-29 16:35 - 2016-08-29 16:36 - 00221176 _____ (Alexander Roshal) C:\Users\hochs\Downloads\unrar.dll 2016-08-29 16:35 - 2016-08-29 16:36 - 00128000 _____ C:\Users\hochs\Downloads\reconnect.s3db 2016-08-29 16:35 - 2016-08-29 16:35 - 17498429 _____ C:\Users\hochs\Downloads\CandiSoft_Load_0.7.5.zip 2016-08-29 16:35 - 2015-06-05 22:39 - 02732032 _____ (CandiSoft) C:\Users\hochs\Downloads\Update.exe 2016-08-29 16:35 - 2015-06-05 22:39 - 01359872 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\hochs\Downloads\libeay32.dll 2016-08-29 16:35 - 2015-06-05 22:39 - 00355328 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\hochs\Downloads\ssleay32.dll 2016-08-29 16:35 - 2015-01-14 01:54 - 00344064 _____ C:\Users\hochs\Downloads\sqlite3.dll 2016-08-29 16:01 - 2016-09-06 18:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\KeePass 2016-08-29 16:00 - 2016-08-29 16:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WinRAR 2016-08-29 15:58 - 2016-08-29 16:06 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2016-08-29 15:58 - 2016-08-29 15:58 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2016-08-29 15:58 - 2016-08-29 15:58 - 00001189 _____ C:\Users\hochs\Desktop\KeePass 2.lnk 2016-08-29 10:28 - 2016-09-07 16:57 - 00000000 ____D C:\Users\hochs\Downloads\www.m-kraehenmann.ch 2016-08-29 10:09 - 2016-09-02 04:01 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Kodi 2016-08-29 09:57 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Jason.Bourne.TS.LD.German.x264-PsO - filecrypt.cc 2016-08-28 19:46 - 2016-08-28 19:46 - 00000000 ____D C:\Users\hochs\AppData\Roaming\PDAppFlex 2016-08-28 19:03 - 2016-08-28 19:03 - 00000000 ____D C:\Users\hochs\AppData\Local\enchant 2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Hewlett-Packard 2016-08-28 18:11 - 2016-09-04 13:55 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HexChat 2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat 2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\Program Files\HexChat 2016-08-28 16:49 - 2016-08-28 16:49 - 00000000 ____D C:\Users\hochs\AppData\Roaming\TeamViewer 2016-08-28 14:02 - 2016-08-31 07:27 - 00519917 _____ C:\WINDOWS\system32\Drivers\etc\hosts.hitmanpro 2016-08-28 13:48 - 2016-08-28 13:48 - 00490651 _____ C:\Users\hochs\AppData\Local\census.cache 2016-08-28 13:48 - 2016-08-28 13:48 - 00187693 _____ C:\Users\hochs\AppData\Local\ars.cache 2016-08-28 13:46 - 2016-09-06 18:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\vlc 2016-08-28 13:41 - 2016-08-28 13:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Macromedia 2016-08-28 13:29 - 2016-08-28 13:29 - 00000036 _____ C:\Users\hochs\AppData\Local\housecall.guid.cache 2016-08-28 13:29 - 2016-08-28 13:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Macromedia 2016-08-28 13:22 - 2016-08-31 11:42 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DMCache 2016-08-28 12:08 - 2016-08-28 12:08 - 00000000 ____D C:\Program Files (x86)\ESET 2016-08-28 11:25 - 2016-09-01 08:40 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Adobe 2016-08-28 11:19 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Atheros 2016-08-28 11:05 - 2016-09-01 13:36 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2016-08-28 10:48 - 2016-09-07 17:14 - 00000000 ____D C:\FRST 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part6.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part5.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part4.rar 2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part3.rar 2016-08-28 10:13 - 2016-08-28 10:13 - 54107190 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part7.rar 2016-08-28 10:12 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part1.rar 2016-08-28 10:12 - 2016-08-28 10:13 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part2.rar 2016-08-28 10:07 - 2016-08-28 10:07 - 00002756 _____ C:\Users\hochs\Downloads\333179792d081560db7da4895d27228227acbdda.dlc 2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk 2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk 2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box 2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG 2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG 2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle 2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV 2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-08-28 09:39 - 2016-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-08-28 09:39 - 2016-09-01 15:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-08-28 03:09 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-08-28 03:09 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-28 03:09 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-28 03:09 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2016-08-28 03:09 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2016-08-28 03:09 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-08-28 03:09 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-08-28 03:09 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-08-28 03:09 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2016-08-28 03:09 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2016-08-28 03:09 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-28 03:09 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-08-28 03:09 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2016-08-28 03:09 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-08-28 03:09 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2016-08-28 03:09 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2016-08-28 03:09 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-08-28 03:09 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2016-08-28 03:09 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2016-08-28 03:09 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2016-08-28 03:09 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2016-08-28 03:09 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-28 03:09 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2016-08-28 03:09 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2016-08-28 03:09 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-28 03:09 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2016-08-28 03:09 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-28 03:09 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-28 03:09 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-28 03:09 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-08-28 03:09 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-08-28 03:09 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2016-08-28 03:09 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-08-28 03:09 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll 2016-08-28 03:09 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-28 03:09 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-28 03:09 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-28 03:09 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-08-28 03:09 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-28 03:09 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2016-08-28 03:09 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2016-08-28 03:09 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll 2016-08-28 03:09 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2016-08-28 03:09 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll 2016-08-28 03:08 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-08-28 03:08 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2016-08-28 03:08 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2016-08-28 03:08 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2016-08-28 03:08 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-08-28 03:08 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2016-08-28 03:08 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-28 03:08 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-28 03:08 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-28 03:08 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-08-28 03:08 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-28 03:08 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-08-28 03:08 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-08-28 03:08 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-28 03:08 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2016-08-28 03:08 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-08-28 03:08 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-08-28 03:08 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-08-28 03:08 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2016-08-28 03:08 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-28 03:08 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2016-08-28 03:08 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-28 03:08 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-28 03:08 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-08-28 03:08 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-28 03:08 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-08-28 03:08 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2016-08-28 03:08 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2016-08-28 03:08 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2016-08-28 03:08 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2016-08-28 03:08 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2016-08-28 03:08 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-08-28 03:08 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2016-08-28 03:08 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2016-08-28 03:08 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2016-08-28 03:08 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-08-28 03:08 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2016-08-28 03:08 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2016-08-28 03:08 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2016-08-28 03:08 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2016-08-28 03:08 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2016-08-28 03:08 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys 2016-08-28 03:08 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2016-08-28 03:08 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2016-08-28 03:08 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-08-28 03:08 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-08-28 03:08 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-08-28 03:08 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-28 03:08 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-08-28 03:08 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-08-28 03:08 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-08-28 03:08 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2016-08-28 03:08 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2016-08-28 03:08 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-28 03:08 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2016-08-28 03:08 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll 2016-08-28 03:08 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2016-08-28 03:08 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-08-28 03:08 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-08-28 03:08 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2016-08-28 03:08 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-28 03:08 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-28 03:08 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2016-08-28 03:08 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-08-28 03:08 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-08-28 03:08 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-08-28 03:08 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-08-28 03:08 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-08-28 03:08 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-08-28 03:08 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-28 03:08 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-28 03:08 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-08-28 03:08 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2016-08-28 03:08 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-08-28 03:08 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-28 03:08 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll 2016-08-28 03:08 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-28 03:08 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-08-28 03:08 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-28 03:08 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-28 03:08 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-28 03:08 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-08-28 03:08 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-08-28 03:08 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2016-08-28 03:08 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2016-08-28 03:08 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-08-28 03:08 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2016-08-28 03:08 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-08-28 03:08 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2016-08-28 03:08 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2016-08-28 03:08 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2016-08-28 03:08 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2016-08-28 03:08 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll 2016-08-28 02:26 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\home_made_pro_am_pussy_4_720p.mp4 - hd-area.org 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229.dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (3).dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (2).dlc 2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (1).dlc 2016-08-28 02:22 - 2016-08-28 02:22 - 00013755 _____ C:\Users\hochs\Downloads\helper.html 2016-08-28 01:41 - 2016-09-01 00:22 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager 2016-08-28 01:41 - 2016-08-31 11:44 - 00000000 ____D C:\Users\hochs\AppData\Roaming\IDM 2016-08-28 01:41 - 2016-08-31 07:05 - 00000000 ____D C:\Users\hochs\Downloads\Video 2016-08-28 01:41 - 2016-08-29 16:00 - 00000000 ____D C:\Users\hochs\Downloads\Compressed 2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM 2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 _____ C:\Users\hochs\Downloads\Download.htm 2016-08-28 01:39 - 2016-08-28 01:41 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre.exe 2016-08-28 01:39 - 2016-08-28 01:39 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre (1).exe 2016-08-28 01:38 - 2016-08-28 01:38 - 00000000 _____ C:\Users\hochs\Downloads\da9e.tmp 2016-08-28 01:35 - 2016-08-28 01:35 - 00000000 ____D C:\Users\hochs\Downloads\Internet Download Manager 6 25 Build 25 Pre-Activated 2016-08-28 01:29 - 2016-08-28 01:29 - 00000196 _____ C:\Users\hochs\Downloads\a6dbb02e-c968-40a7-899f-d43a357ae8b4.htm 2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload 2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload 2016-08-28 01:25 - 2016-08-28 01:25 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d.dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (3).dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (2).dlc 2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (1).dlc 2016-08-28 01:15 - 2016-09-04 12:32 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager 2016-08-27 20:41 - 2016-08-27 20:42 - 00000000 ____D C:\Users\hochs\Downloads\Cuban.Fury.Echte.Maenner.tanzen.German.2014.AC3.BDRip.x264-FRACTAL 2016-08-27 20:39 - 2016-08-27 20:39 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388 (1).dlc 2016-08-27 20:38 - 2016-08-27 20:38 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388.dlc 2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk 2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader 2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader 2016-08-27 20:36 - 2016-08-27 20:37 - 02452082 _____ (Star Downloader) C:\Users\hochs\Downloads\sdfree.exe 2016-08-27 20:32 - 2016-09-04 14:46 - 00000000 ____D C:\Users\hochs\Downloads\Star Trek Beyond (2016) 2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload 2016-08-27 20:10 - 2016-08-27 20:11 - 31335352 _____ (Open Media LLC ) C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe 2016-08-27 20:04 - 2016-08-27 20:04 - 00003113 _____ C:\Users\hochs\Downloads\ardmediathek.host 2016-08-27 19:52 - 2016-08-27 19:52 - 00003149 _____ C:\Users\hochs\Downloads\zdfmediathek.host 2016-08-27 11:56 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\The.Mechanic.2.Resurrection.2016.TS.MD.German.x264-PS - filecrypt.cc 2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic 2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7 2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Users\hochs\Downloads\Bitdefender Safepay 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate 2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7 2016-08-27 08:47 - 2016-08-27 08:47 - 00418464 _____ C:\Users\hochs\Downloads\SecureSafe-Recovery-Code.pdf 2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk 2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk 2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url 2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo 2016-08-27 08:07 - 2016-08-27 08:08 - 28473112 _____ (Ashampoo GmbH & Co. KG ) C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe 2016-08-27 05:34 - 2015-11-11 13:56 - 00043618 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.dll 2016-08-27 05:34 - 2015-11-11 13:56 - 00029361 ____N C:\Users\hochs\Downloads\manual_installation_guidequalcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.pdf 2016-08-27 05:34 - 2015-11-11 13:56 - 00005159 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_6301.sys 2016-08-27 05:34 - 2015-11-11 13:56 - 00003638 ____N C:\Users\hochs\Downloads\READ-ME.txt 2016-08-27 05:34 - 2015-11-11 13:56 - 00001474 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.cat 2016-08-27 05:33 - 2016-08-27 05:33 - 00031404 _____ C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630_driver.zip 2016-08-27 04:55 - 2016-08-27 04:55 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\hochs\Downloads\SlimDrivers-setup.exe 2016-08-27 04:40 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\lhd-hwahrheit-1080p.mkv - hd-area.org 2016-08-27 04:21 - 2016-08-27 04:49 - 00000000 ____D C:\Users\hochs\Downloads\Nichts.mehr.wie.vorher.German.2013.AC3.DVDRip.x264-iMPERiUM - filecrypt.cc 2016-08-26 18:00 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Wie.Klaut.Man.Eine.Million.German.DL.1966.HDTV.720p.x264.AC3-msd - hd-area.org 2016-08-26 17:50 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Dafranosuri 2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk 2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass 2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass 2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass 2016-08-26 16:03 - 2016-09-04 14:28 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass 2016-08-26 15:57 - 2016-08-26 15:57 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Mozilla 2016-08-26 11:43 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Crouching.Tiger.Hidden.Dragon.Sword.of.Destiny.2016.German.Dubbed.DL.2160p.WEB-DL.x264-NIMA4K 2016-08-25 19:45 - 2016-08-26 11:41 - 00000000 ____D C:\Users\hochs\Downloads\Made.in.France.2015.German.1080p.BluRay.x264-ROOR - filecrypt.cc 2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys 2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys 2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data 2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf 2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf 2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat 2016-08-23 19:03 - 2016-08-24 20:04 - 00000000 ____D C:\Users\hochs\Downloads\xan-The.Ardennes-avc.mkv - hd-area.org 2016-08-23 18:53 - 2016-08-24 20:03 - 00000000 ____D C:\Users\hochs\Downloads\kilotwobravo180.mkv - hd-area.org 2016-08-23 18:47 - 2016-08-23 18:51 - 00000000 ____D C:\Users\hochs\Downloads\The.Confirmation.2016.German.AC3.DVDRip.x264-MULTiPLEX - filecrypt.cc 2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment 2016-08-22 20:18 - 2016-08-22 20:32 - 00000000 ____D C:\Users\hochs\Downloads\Riff.Piraten.1939.German.DL.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc 2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort 2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software 2016-08-21 16:07 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Der.Wert.des.Menschen.German.2015.DL.PAL.DVDR-SAViOUR - filecrypt.cc 2016-08-21 15:59 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Nick.Knattertons.Abenteuer.Der.Raub.der.Gloria.Nylon.1959.German.BDRip.x264-MONOBiLD - filecrypt.cc 2016-08-21 13:45 - 2016-08-21 13:45 - 00000000 ____D C:\Users\hochs\Downloads\Unterschrift 2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare 2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt 2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer 2016-08-20 19:13 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Suicide.Squad.TS.MD.GERMAN.x264-KarlsKrone - filecrypt.cc 2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub 2016-08-20 14:01 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper 2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories 2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk 2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories 2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories 2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-18 18:24 - 2016-09-07 17:07 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger 2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk 2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc 2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger 2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in 2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE 2016-08-17 18:30 - 2016-09-01 00:26 - 00000000 ____D C:\Program Files (x86)\TraXEx 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys 2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure 2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure 2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn 2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind 2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd 2016-08-14 15:37 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions 2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk 2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare 2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare 2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft 2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake 2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen 2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient 2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games 2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic 2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine 2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher 2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll 2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK 2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS 2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn 2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd 2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team 2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team 2016-08-08 17:27 - 2016-08-08 17:27 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2016-08-08 17:15 - 2016-09-07 17:06 - 00000000 ____D C:\AdwCleaner ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 17:13 - 2016-07-17 00:51 - 02126288 _____ C:\WINDOWS\system32\perfh007.dat 2016-09-07 17:13 - 2016-07-17 00:51 - 00543366 _____ C:\WINDOWS\system32\perfc007.dat 2016-09-07 17:13 - 2016-05-20 20:58 - 04458916 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-07 17:07 - 2016-08-07 14:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-07 17:07 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive 2016-09-07 17:06 - 2016-06-03 03:46 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-07 16:55 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien 2016-09-07 16:49 - 2016-06-11 01:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-09-07 07:27 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-09-07 01:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-06 19:39 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0 2016-09-05 18:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-09-04 14:26 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-09-04 14:26 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-04 14:25 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-09-04 13:54 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-04 13:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-04 12:07 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs 2016-09-04 11:59 - 2016-07-24 16:54 - 00000000 ____D C:\Users\hochs\.mediathek3 2016-09-04 11:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-04 11:38 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages 2016-09-04 05:15 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance 2016-09-02 13:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-09-02 09:15 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros 2016-09-02 03:24 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job 2016-09-01 16:26 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-01 16:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-01 16:24 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\ShellNew 2016-09-01 16:24 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-09-01 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-01 16:23 - 2016-05-20 21:41 - 00000167 _____ C:\WINDOWS\win.ini 2016-09-01 14:28 - 2016-06-11 05:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-09-01 13:39 - 2016-06-22 12:03 - 00000000 ____D C:\Program Files\PeerBlock 2016-09-01 13:35 - 2016-08-07 09:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-09-01 13:11 - 2016-05-20 21:27 - 00075803 _____ C:\bdlog.txt 2016-09-01 10:18 - 2016-08-07 09:09 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-09-01 10:18 - 2016-08-07 09:09 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-09-01 08:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe 2016-09-01 08:40 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe 2016-09-01 08:39 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-01 02:26 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-09-01 02:26 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-09-01 02:26 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2016-09-01 02:26 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-09-01 02:26 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-09-01 02:26 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-09-01 02:26 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-09-01 02:26 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-09-01 02:26 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-09-01 01:03 - 2016-05-21 06:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-08-31 17:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-31 06:34 - 2016-05-29 18:43 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2016-08-31 06:34 - 2016-05-29 18:43 - 00001161 _____ C:\Users\Public\Desktop\WinSCP.lnk 2016-08-31 06:34 - 2016-05-29 18:43 - 00000000 ____D C:\Program Files (x86)\WinSCP 2016-08-30 02:29 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe 2016-08-29 16:36 - 2015-01-14 01:54 - 00000000 ____D C:\Users\hochs\Downloads\Plugins 2016-08-28 14:02 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2016-08-27 04:28 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-26 16:05 - 2016-07-30 11:57 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla 2016-08-26 15:57 - 2016-07-30 11:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-08-26 15:57 - 2016-07-30 11:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis 2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys 2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk 2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk 2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple 2016-08-24 03:38 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0 2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google 2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer 2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer 2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge 2016-08-20 10:41 - 2016-08-06 09:27 - 00000000 ____D C:\xampp2 2016-08-20 10:41 - 2016-08-06 09:16 - 00000000 ____D C:\xampp 2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer 2016-08-20 10:37 - 2016-08-06 08:57 - 00000000 ____D C:\Users\hochs\.mythtv 2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms 2016-08-20 07:37 - 2016-08-06 09:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-08-18 18:26 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp 2016-08-17 01:11 - 2016-08-07 15:17 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk 2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG 2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest 2016-08-14 12:18 - 2016-07-31 00:49 - 00000000 ____D C:\Program Files (x86)\Epic Games 2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox 2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs 2016-08-09 20:48 - 2016-08-07 14:26 - 00002563 _____ C:\WINDOWS\diagwrn.xml 2016-08-09 20:48 - 2016-08-07 14:26 - 00001908 _____ C:\WINDOWS\diagerr.xml 2016-08-08 20:28 - 2016-08-07 13:51 - 00000000 ____D C:\Windows10Upgrade 2016-08-08 17:17 - 2016-07-05 19:50 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Lavasoft 2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-08-08 16:59 - 2016-08-07 14:29 - 00000000 ____D C:\Users\hochs\AppData\Local\ConnectedDevicesPlatform 2016-08-08 04:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll 2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd 2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind 2016-08-31 06:32 - 2016-08-31 07:22 - 0000600 _____ () C:\Users\hochs\AppData\Roaming\winscp.rnd 2016-08-28 13:48 - 2016-08-28 13:48 - 0187693 _____ () C:\Users\hochs\AppData\Local\ars.cache 2016-08-28 13:48 - 2016-08-28 13:48 - 0490651 _____ () C:\Users\hochs\AppData\Local\census.cache 2016-08-28 13:29 - 2016-08-28 13:29 - 0000036 _____ () C:\Users\hochs\AppData\Local\housecall.guid.cache 2016-09-01 13:12 - 2016-09-01 13:12 - 0238909 _____ () C:\ProgramData\1472728277.bdinstall.bin 2016-09-01 13:40 - 2016-09-01 13:40 - 0028335 _____ () C:\ProgramData\1472729999.bdinstall.bin 2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini 2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini 2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat Einige Dateien in TEMP: ==================== C:\Users\admin\AppData\Local\Temp\avgnt.exe C:\Users\admin\AppData\Local\Temp\gi34UBJM.exe C:\Users\admin\AppData\Local\Temp\libeay32.dll C:\Users\admin\AppData\Local\Temp\msvcr120.dll C:\Users\admin\AppData\Local\Temp\sqlite3.dll C:\Users\hochs\AppData\Local\Temp\avgnt.exe C:\Users\hochs\AppData\Local\Temp\kernel32.dll C:\Users\hochs\AppData\Local\Temp\proxy_vole1797863368897694260.dll C:\Users\hochs\AppData\Local\Temp\proxy_vole2240034186095844922.dll C:\Users\hochs\AppData\Local\Temp\proxy_vole7998053034528165035.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================ |
|
07.09.2016, 16:45
| #9 |
| | Log von FRST 1. Teil Log von FRST 1. Teil Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von hochs (ACHTUNG: der Benutzer ist kein Administrator) auf DESKTOP-GBIJB17 (07-09-2016 17:14:12)
Gestartet von C:\Users\hochs\Downloads
Geladene Profile: hochs (Verfügbare Profile: hochs & admin & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> schedul2.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> AdminService.exe
konnte nicht auf den Prozess zugreifen -> Avira.VpnService.exe
konnte nicht auf den Prozess zugreifen -> Avira.SoftwareUpdater.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> chip 1-click installer.exe
konnte nicht auf den Prozess zugreifen -> BitBoxService.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> TeamViewer_Service.exe
konnte nicht auf den Prozess zugreifen -> app_updater.exe
konnte nicht auf den Prozess zugreifen -> Avira.SystemSpeedup.SpeedupService.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe
konnte nicht auf den Prozess zugreifen -> afcdpsrv.exe
konnte nicht auf den Prozess zugreifen -> ManyCamService.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkManagerDMS.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> Ath_CoexAgent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UsbClientService.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> mms_mini.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkDMS.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> avmailc7.exe
konnte nicht auf den Prozess zugreifen -> avwebg7.exe
konnte nicht auf den Prozess zugreifen -> GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
konnte nicht auf den Prozess zugreifen -> HPSupportSolutionsFrameworkService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_server.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_status_server.exe
konnte nicht auf den Prozess zugreifen -> syncagentsrv.exe
konnte nicht auf den Prozess zugreifen -> LiveTunerService.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat [100 2016-09-07] () <===== ACHTUNG
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe"
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Edge:
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm []
FireFox:
========
FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default
FF Homepage: hxxps://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26]
FF Extension: (SetupVPN) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\@setupvpncom.xpi [2016-09-02]
FF Extension: (Avira Browser Safety) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\abs@avira.com [2016-09-01]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26]
FF Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\safesearchplus2@avira.com [2016-09-01]
FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz
FF Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz [2016-09-02]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden
Chrome:
=======
CHR HomePage: Default -> hxxps://startseite.com/
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch
CHR DefaultSearchKeyword: Default -> https://startpage.com
CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15]
CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07]
CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15]
CHR Extension: (Avira Browserschutz) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27]
CHR Extension: (Disconnect Search) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2016-09-02]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2016-09-02]
CHR Extension: (Disconnect) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2016-09-02]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaafoaobjaplofpihlhbcbcjhmgnjplf [2016-09-02]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23]
CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15]
CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect)
S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-07 17:14 - 2016-09-07 17:14 - 00039554 _____ C:\Users\hochs\Downloads\FRST.txt
2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe
2016-09-07 17:03 - 2016-09-07 17:03 - 03826240 _____ C:\Users\hochs\Downloads\AdwCleaner_6.010.exe
2016-09-07 16:49 - 2016-09-07 16:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 16:49 - 2016-09-07 16:49 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 16:49 - 2016-09-07 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-09-07 16:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 16:47 - 2016-09-07 16:48 - 22851472 _____ (Malwarebytes ) C:\Users\hochs\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-05 20:21 - 2016-09-05 20:30 - 00000000 ____D C:\Users\hochs\Downloads\okindoft.mkv - hd-area.org
2016-09-05 18:43 - 2016-09-06 18:45 - 00000000 ____D C:\Users\hochs\Downloads\Overkill.Durch.die.Hoelle.zur.Ewigkeit.1980.German.720p.BluRay.x264-GMA - filecrypt.cc
2016-09-04 17:18 - 2016-09-04 17:20 - 00000000 ____D C:\Users\hochs\Downloads\Rampage.President.Down.German.2016.AC3.BDRip.x264-COiNCiDENCE - filecrypt.cc
2016-09-04 14:39 - 2016-09-04 14:44 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.XViD-MULTiPLEX - filecrypt.cc
2016-09-04 14:23 - 2015-12-18 19:48 - 00000000 ____D C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portable
2016-09-04 14:22 - 2016-09-04 14:23 - 67134548 _____ C:\Users\hochs\Downloads\SolveigMM_Video_Splitter_5.2.1512.16_Business_Edition_&_Portable.rar
2016-09-04 14:06 - 2016-09-04 14:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Solveig Multimedia
2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:05 - 35725504 _____ (Solveig Multimedia ) C:\Users\hochs\Downloads\SolveigMM_AVI_Trimmer_5_0_1603_23.exe
2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk
2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Haenlein-Software
2016-09-04 13:55 - 2016-09-04 13:55 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21 (1).exe
2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3
2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk
2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3
2016-09-04 13:53 - 2016-09-04 13:53 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21.exe
2016-09-04 13:15 - 2016-09-04 13:24 - 1430589050 _____ C:\Users\hochs\Downloads\Die_Mothman_Prophezeiungen_16.09.03_20-15_zdfneo_115_TVOON_DE.mpg.HD.avi
2016-09-04 13:10 - 2016-09-04 13:24 - 45314000 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4
2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk
2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager
2016-09-04 12:31 - 2016-09-04 12:33 - 07070852 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.crdownload
2016-09-04 12:19 - 2016-09-04 12:32 - 3008565993 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.fdmdownload
2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView
2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar
2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe
2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt
2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command
2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung
2016-09-04 11:56 - 2016-09-04 11:56 - 01474568 _____ C:\Users\hochs\Downloads\MediathekView - CHIP-Installer.exe
2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip
2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0
2016-09-04 11:25 - 2016-09-04 11:25 - 01678787 _____ (BeeThink SoftWare, Inc. ) C:\Users\hochs\Downloads\BeeThink_SpyDetector2.0_setup.exe
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DVDVideoSoft
2016-09-04 06:12 - 2016-09-04 06:12 - 01222600 _____ (AVM Software Inc.) C:\Users\hochs\Downloads\pal_install_r132144.exe
2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-09-03 11:03 - 2016-09-03 11:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WhatsApp
2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt
2016-09-03 09:21 - 2016-09-03 09:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Downloads\tdsskiller.exe
2016-09-03 08:37 - 2016-09-03 08:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo!
2016-09-02 23:24 - 2016-09-02 23:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HpUpdate
2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser
2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows
2016-09-02 18:08 - 2016-09-02 18:10 - 71515456 _____ (Disconnect) C:\Users\hochs\Downloads\Disconnect+Desktop.exe
2016-09-02 13:58 - 2016-09-02 14:02 - 00000000 ____D C:\Users\hochs\Downloads\tpdhso
2016-09-02 12:12 - 2016-09-02 13:00 - 00000000 ___RD C:\Users\hochs\Downloads\Schrei.wenn.der.Tingler.kommt.1959.German.720p.BluRay.x264-iFPD
2016-09-02 12:12 - 2016-09-02 12:12 - 68821442 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part23.rar
2016-09-02 12:12 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part22.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part21.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part20.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part19.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part18.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part17.rar
2016-09-02 12:11 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part16.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part15.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part14.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part13.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part12.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part11.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part10.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part09.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part08.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part07.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part06.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part05.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part03.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part04.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part02.rar
2016-09-02 12:08 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part01.rar
2016-09-02 12:05 - 2016-09-02 12:05 - 00006896 _____ C:\Users\hochs\Downloads\29e105b4b84827c1a7694d1a138117dd9c84549f.dlc
2016-09-02 10:30 - 2016-09-02 10:31 - 91468472 _____ (Adobe Systems Incorporated) C:\Users\hochs\Downloads\AcroRdrDC1501720050_de_DE.exe
2016-09-02 10:29 - 2016-09-02 10:29 - 00134646 _____ C:\Users\hochs\Downloads\Offerte P-2017 Urs Hochstrasser neu.pdf
2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira
2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-09-02 03:32 - 2016-09-02 03:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Lamantine
2016-09-02 03:30 - 2016-09-07 02:50 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2016-09-02 03:28 - 2016-09-02 03:29 - 30170336 _____ (Lamantine Software ) C:\Users\hochs\Downloads\StickyPassword_rev808116.exe
2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin
2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten
2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup
2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache
2016-09-01 16:16 - 2016-09-01 16:19 - 00000000 ____D C:\Users\hochs\Downloads\86updajulfg3s5d4f
2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-09-01 16:04 - 2016-09-01 17:37 - 00000000 ___HD C:\Users\hochs\Downloads\.ptmp121163
2016-09-01 15:42 - 2016-09-01 15:48 - 00000000 ____D C:\Users\hochs\Downloads\Der.Gendarm.vom.Broadway.1965.GERMAN.DL.720p.HDTV.x264-CDD - filecrypt.cc
2016-09-01 15:23 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Avira
2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-09-01 15:10 - 2016-09-01 15:11 - 225639816 _____ C:\Users\hochs\Downloads\avira_antivirus_de-de.exe
2016-09-01 14:44 - 2016-09-01 14:44 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de(1).exe
2016-09-01 14:43 - 2016-09-01 14:43 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de.exe
2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-01 14:30 - 2016-09-01 14:30 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_57c81f542973f__ws.exe
2016-09-01 14:28 - 2016-09-01 14:28 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de(1).exe
2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk
2016-09-01 14:17 - 2016-09-01 14:17 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de.exe
2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL
2016-09-01 14:12 - 2016-09-01 14:13 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_3021944647_ciukpe49j82kusl080x2_wd.exe
2016-09-01 14:09 - 2016-09-01 14:09 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_issudl_3010720132__ws.exe
2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira
2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-09-01 13:51 - 2016-09-07 17:08 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-01 13:51 - 2016-09-01 13:51 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_atss0_3021944647_tuea2maioyrais5w1baz_wd.exe
2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin
2016-09-01 13:14 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Kirschblueten.und.rote.Bohnen.2015.German.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc
2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 12:45 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Schweinskopf.Al.Dente.2016.TS.MD.German.XViD-SLiMER - filecrypt.cc
2016-09-01 11:22 - 2016-09-01 11:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\QuickScan
2016-09-01 11:15 - 2016-09-01 11:16 - 80334050 _____ C:\Users\hochs\Downloads\openatv-5.3-vusolose-20160901_usb.zip
2016-09-01 08:39 - 2016-09-01 08:39 - 01065376 _____ (Google Inc.) C:\Users\hochs\Downloads\ChromeSetup.exe
2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-01 08:37 - 2016-09-01 08:37 - 00000826 _____ C:\Users\hochs\Downloads\Preferences.xml
2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 08:32 - 2016-09-01 08:32 - 00071464 _____ C:\Users\hochs\Downloads\2016_08_31-1-Kontoauszug.pdf
2016-09-01 07:19 - 2016-09-01 07:19 - 00004944 _____ C:\Users\hochs\Downloads\DISKSTATION216_20160901.dss
2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von hochs (07-09-2016 17:14:42)
Gestartet von C:\Users\hochs\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-2615813048-3284018108-3599952075-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Limited - Enabled) => C:\Users\hochs
HomeGroupUser$ (S-1-5-21-2615813048-3284018108-3599952075-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Avira Scout (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{2e5cccd9-3da2-4641-b197-6d06e92643d0}) (Version: 16.7.11.945 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{96CADA13-A19B-4270-A536-A280EA510DB0}) (Version: 1.2.3.493 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.07.11.00945 - Avira Operations GmbH & Co. KG) Hidden
BeeThink SpyDetector 2.0 (HKLM-x32\...\BeeThink SpyDetector_is1) (Version: - BeeThink SoftWare, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
Disconnect Desktop (x32 Version: 2.0.5 - Disconnect) Hidden
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
DVBLink Viewer (HKLM-x32\...\{FE33BB16-65E4-41EA-AA5A-D3436058355D}) (Version: 6.0.0000 - DVBLogic)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.21 - Haenlein-Software)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.89 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.12.1 - HexChat)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version: - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version: - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version: - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
OpenVPN 2.3.8-I601 (HKLM-x32\...\OpenVPN) (Version: 2.3.8-I601 - )
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version: - Giorgio Tani)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
SolveigMM AVI Trimmer+ Version 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version: - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Sticky Password 8.0.8.116 (HKLM-x32\...\Sticky Password_is1) (Version: 8.0 - Lamantine Software)
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
Strumenti di correzione di Microsoft Office 2016 - Italiano (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.5.0 - Alexander Miehlke Softwareentwicklung)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version: - )
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job =>
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => <==== ACHTUNG
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\hochs\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.7\MinGW 5.3.0 (32-bit)\Qt 5.7 for Desktop (MinGW 5.3.0 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.7\mingw53_32\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.6\MinGW 4.9.2 (32-bit)\Qt 5.6 for Desktop (MinGW 4.9.2 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.6\mingw49_32\bin\qtenv2.bat
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-08-24 03:38 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\da9e.tmp:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre (1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\putty.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\puttytel.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\sdfree.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\SlimDrivers-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\traxex70.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\TVCSUTSetup_V1.0.0.2.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\vlc-2.2.4-win32(1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\vlc-2.2.4-win32.exe:BDU [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-08-28 14:02 - 2016-09-01 13:10 - 00000021 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{71BC129C-DD6F-4727-8E33-B3F72F789FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2BCDD67C-3F96-40D2-AFFB-3D4D9DF92F3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF06A1D3-2D4E-4328-B0BE-E39765116DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{454DE9C3-1D7E-400B-A792-9A6FE6AD393C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EB3A212-D803-4E22-8BC4-7058DDEEE41A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8DEAC3A1-4C3F-49E3-9654-480C27A8EDB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9B54A4BA-29F0-4D56-A69B-F6FF9815D1B9}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{B5793EA5-DBFC-4121-94ED-5B37D9317901}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{0D14957E-832B-4B7F-951A-325AC2201CFB}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{2E41912B-61BE-48DA-BEC3-A6F2C68BF9EE}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{678E119B-A233-45E6-A725-A6A33BD246DB}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{C1310BC5-F429-4A87-B7EC-1BF81C20A04C}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{69256106-0642-4C68-B603-E70390ACE657}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{AC30E9FC-FB28-422C-ACCA-7E3E7F7D175B}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [{889938CA-6E77-4AE4-8E54-7FE28D2E4CE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{58C0D146-0CFC-4BB0-9B67-BFACDE543F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{DAAD7992-B9D3-4CB9-80EA-52D898804520}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{60C076A3-7850-449E-A412-01F75CA482E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{8DA3ED20-46F5-4DA2-9DA6-8DE5201190DB}] => (Allow) LPort=1688
FirewallRules: [{3FA5C158-EB01-4D72-856C-723D882B8DF8}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [{FF620410-5524-49C5-B096-CD8632AF202E}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [TCP Query User{511025B3-0383-4480-A08C-F1CDCA5F588A}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{B2CE4AA4-3E6C-4889-9B4F-431DC70C8A99}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [TCP Query User{88F2C063-DC0A-4E23-A3B0-5812D4D955F6}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{8143A44A-CF79-4B7F-A40C-5D6B5250DB27}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{47104632-9649-476B-9B46-E0C08B74F7FD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{6890CE15-6432-4588-9536-B2BDF4ACF54A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{E5D59600-8DE6-4481-80D4-DD74592385F5}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [UDP Query User{0FFC06CE-8CD4-41A5-9FC7-4EB39B68694D}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [TCP Query User{02FADEE2-2C87-475E-B663-491838DD6E34}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{F3779F9F-F43E-4D27-BB13-A5920D03C3FF}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{CDD20C47-B894-413A-8455-185D51FA810D}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe
FirewallRules: [{1277B574-7D5C-41CF-9C14-BB5A5840FE29}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/07/2016 05:14:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:11:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:11:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:10:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:10:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/07/2016 05:09:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Systemfehler:
=============
Error: (09/07/2016 05:07:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Audio" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/07/2016 05:07:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/07/2016 05:07:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/07/2016 05:07:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/07/2016 05:07:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (09/07/2016 05:07:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (09/07/2016 05:07:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Ashampoo LiveTuner 2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 29166.11 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 28135.16 MB
==================== Laufwerke ================================
Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:28.56 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:101.48 GB) NTFS
Drive y: (Videos) (Network) (Total:3663.13 GB) (Free:3009.36 GB) NTFS
Drive z: (VIDEOS) (Network) (Total:2678.31 GB) (Free:2089.7 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
08.09.2016, 13:59
| #10 |
| /// Malwareteam | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Hi, ich bräuchte das Log von MBAM: Malwarebytes Anti-Malware Logfile finden - Anleitungen Und FRST bitte mit Admin-Rechten wiederholen. |
|
08.09.2016, 19:57
| #11 |
| | Log File Malwarebytes Hallo Dennis Hier noch das Logfile von Malwarebytes : Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 08.09.2016 Suchlaufzeit: 20:39 Protokolldatei: malwarebytes-log-08-09-2016.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.09.08.08 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: admin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 429474 Abgelaufene Zeit: 9 Min., 5 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
08.09.2016, 20:26
| #12 |
| | Log von FRSTCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von admin (Administrator) auf DESKTOP-GBIJB17 (08-09-2016 21:18:15)
Gestartet von D:\FRST
Geladene Profile: hochs & admin (Verfügbare Profile: hochs & admin & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat <===== ACHTUNG
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\RunOnce: [gi1060840868] => "C:\Users\admin\AppData\Local\Temp\gi34UBJM.exe" /resume:"C:\Users\admin\AppData\Local\Temp\2C34U6OB" /exename:"C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portabl (Der Dateneintrag hat 60 mehr Zeichen). <===== ACHTUNG
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C4].txt
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => Keine Datei
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => Keine Datei
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => Keine Datei
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => Keine Datei
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => Keine Datei
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz => nicht gefunden
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect)
S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-08 21:04 - 2016-09-08 21:04 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-09-08 21:04 - 2016-09-08 21:04 - 00000000 ____D C:\Program Files\Unlocker
2016-09-08 20:38 - 2016-09-08 20:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-08 20:37 - 2016-09-08 20:37 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-08 20:37 - 2016-09-08 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-09-08 20:37 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-08 20:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-08 20:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe
2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk
2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software
2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3
2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk
2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3
2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk
2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager
2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView
2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar
2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe
2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt
2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command
2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung
2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip
2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0
2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt
2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser
2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00003764 _____ C:\WINDOWS\System32\Tasks\Disconnect Desktop Updater
2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows
2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira
2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-09-02 03:30 - 2016-09-08 06:43 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin
2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten
2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup
2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache
2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk
2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL
2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira
2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-09-01 13:51 - 2016-09-08 21:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-01 13:51 - 2016-09-01 13:51 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin
2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-01 08:35 - 2016-09-02 10:31 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 02:29 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 02:29 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 02:29 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 02:29 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-01 02:29 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 02:29 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-01 02:29 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 02:29 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 02:29 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 02:29 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 02:29 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 02:29 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-01 02:09 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Desktop\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin
2016-09-01 01:03 - 2016-09-01 01:03 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-01 01:03 - 2016-09-01 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-01 01:00 - 2016-09-01 01:01 - 00001401 _____ C:\Users\Public\Desktop\DVBLink Viewer.lnk
2016-09-01 01:00 - 2016-09-01 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBLink
2016-09-01 01:00 - 2016-09-01 01:00 - 00000000 ____D C:\Program Files (x86)\DVBLogic
2016-09-01 00:26 - 2016-09-01 00:26 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0
2016-08-31 06:10 - 2016-08-31 06:11 - 93009920 _____ C:\Users\hochs\Desktop\PlexMediaServer-1.0.3.2461-35f0caa-x86.spk
2016-08-31 05:48 - 2016-08-31 05:48 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-08-30 18:28 - 2016-08-30 18:29 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStation
2016-08-30 18:28 - 2016-08-30 18:28 - 00001368 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk
2016-08-30 18:25 - 2016-08-30 18:27 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStationBackup
2016-08-30 18:25 - 2016-08-30 18:25 - 00001410 _____ C:\Users\Public\Desktop\Synology Cloud Station Backup.lnk
2016-08-30 18:25 - 2016-08-30 18:25 - 00000042 ____H C:\Users\hochs\.uuid
2016-08-30 13:53 - 2016-08-30 13:53 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-08-30 09:18 - 2016-08-30 09:19 - 00313742 _____ C:\TDSSKiller.3.1.0.11_30.08.2016_09.18.51_log.txt
2016-08-30 09:18 - 2016-08-30 09:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Desktop\tdsskiller.exe
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\Program Files (x86)\Synology
2016-08-30 02:57 - 2016-08-30 02:57 - 00001248 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2016-08-30 02:57 - 2016-08-30 02:57 - 00000000 ____D C:\ProgramData\Synology
2016-08-29 17:14 - 2016-08-29 17:14 - 00000000 ____D C:\Users\hochs\Desktop\Unpacked
2016-08-29 15:58 - 2016-08-29 16:06 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2016-08-29 15:58 - 2016-08-29 15:58 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2016-08-29 15:58 - 2016-08-29 15:58 - 00001189 _____ C:\Users\hochs\Desktop\KeePass 2.lnk
2016-08-28 19:03 - 2016-08-28 19:03 - 00000000 ____D C:\Users\hochs\AppData\Local\enchant
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\Program Files\HexChat
2016-08-28 14:02 - 2016-08-31 07:27 - 00519917 _____ C:\WINDOWS\system32\Drivers\etc\hosts.hitmanpro
2016-08-28 13:48 - 2016-08-28 13:48 - 00490651 _____ C:\Users\hochs\AppData\Local\census.cache
2016-08-28 13:48 - 2016-08-28 13:48 - 00187693 _____ C:\Users\hochs\AppData\Local\ars.cache
2016-08-28 13:41 - 2016-08-28 13:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Macromedia
2016-08-28 13:29 - 2016-08-28 13:29 - 00000036 _____ C:\Users\hochs\AppData\Local\housecall.guid.cache
2016-08-28 12:08 - 2016-08-28 12:08 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-28 11:05 - 2016-09-01 13:36 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-08-28 10:48 - 2016-09-08 21:18 - 00000000 ____D C:\FRST
2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle
2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-28 09:39 - 2016-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-28 09:39 - 2016-09-01 15:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-28 03:09 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-28 03:09 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-28 03:09 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-28 03:09 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-28 03:09 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-28 03:09 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-28 03:09 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-28 03:09 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-28 03:09 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-28 03:09 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-28 03:09 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-28 03:09 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-28 03:09 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-28 03:09 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-28 03:09 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-28 03:09 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-28 03:09 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-28 03:09 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-28 03:09 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-28 03:09 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-28 03:09 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-28 03:08 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-28 03:08 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-28 03:08 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-28 03:08 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-28 03:08 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-28 03:08 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-28 03:08 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-28 03:08 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-28 03:08 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-28 03:08 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-28 03:08 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-28 03:08 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-28 03:08 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-28 03:08 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-28 03:08 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-28 03:08 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-28 03:08 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-28 03:08 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-28 03:08 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-28 03:08 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-28 03:08 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-28 03:08 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-28 03:08 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-28 03:08 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-28 03:08 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-28 03:08 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-28 03:08 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-28 03:08 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-28 03:08 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-28 03:08 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-28 03:08 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-28 03:08 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-28 03:08 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-28 03:08 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-28 03:08 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-28 03:08 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-28 03:08 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-28 01:41 - 2016-09-01 00:22 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM
2016-08-28 01:15 - 2016-09-04 12:32 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager
2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader
2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic
2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7
2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7
2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo
2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-08-26 16:03 - 2016-09-08 20:37 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass
2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf
2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf
2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat
2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment
2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort
2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer
2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub
2016-08-20 14:01 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 22:36 - 2016-08-19 22:41 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 22:36 - 2016-08-19 22:41 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-18 18:24 - 2016-09-08 21:07 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger
2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger
2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in
2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE
2016-08-17 18:30 - 2016-09-01 00:26 - 00000000 ____D C:\Program Files (x86)\TraXEx
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure
2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure
2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:37 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions
2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen
2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient
2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games
2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher
2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS
2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd
2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-08 21:12 - 2016-07-17 00:51 - 02177114 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-08 21:12 - 2016-07-17 00:51 - 00557574 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-08 21:12 - 2016-05-20 20:58 - 04552306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-08 21:07 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive
2016-09-08 21:06 - 2016-08-07 14:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-08 21:06 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-08 21:05 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien
2016-09-08 20:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-08 20:37 - 2016-06-11 01:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-09-08 06:41 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-07 18:40 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0
2016-09-07 17:06 - 2016-08-08 17:15 - 00000000 ____D C:\AdwCleaner
2016-09-07 17:06 - 2016-06-03 03:46 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-05 18:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-04 14:26 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 14:26 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-04 14:25 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-04 13:54 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-04 13:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-04 12:07 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs
2016-09-04 11:59 - 2016-07-24 16:54 - 00000000 ____D C:\Users\hochs\.mediathek3
2016-09-04 11:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-04 11:38 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages
2016-09-04 05:15 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance
2016-09-02 13:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-02 09:15 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros
2016-09-02 03:24 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job
2016-09-01 18:18 - 2016-08-07 14:25 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhochs
2016-09-01 16:26 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-01 16:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-01 16:24 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-01 16:24 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-01 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-01 16:23 - 2016-05-20 21:41 - 00000167 _____ C:\WINDOWS\win.ini
2016-09-01 14:28 - 2016-06-11 05:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-01 13:39 - 2016-06-22 12:03 - 00000000 ____D C:\Program Files\PeerBlock
2016-09-01 13:35 - 2016-08-07 09:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-01 13:11 - 2016-05-20 21:27 - 00075803 _____ C:\bdlog.txt
2016-09-01 10:18 - 2016-08-07 09:09 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-01 10:18 - 2016-08-07 09:09 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-01 08:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe
2016-09-01 08:40 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe
2016-09-01 08:39 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-01 02:26 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-01 01:03 - 2016-05-21 06:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-09-01 00:30 - 2016-07-16 08:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2016-08-31 17:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-31 06:34 - 2016-05-29 18:43 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00001161 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00000000 ____D C:\Program Files (x86)\WinSCP
2016-08-30 02:29 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe
2016-08-28 14:02 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-08-27 04:28 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-26 16:05 - 2016-07-30 11:57 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla
2016-08-26 15:57 - 2016-07-30 11:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-26 15:57 - 2016-07-30 11:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis
2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple
2016-08-24 03:38 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0
2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google
2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer
2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer
2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge
2016-08-20 10:41 - 2016-08-06 09:27 - 00000000 ____D C:\xampp2
2016-08-20 10:41 - 2016-08-06 09:16 - 00000000 ____D C:\xampp
2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer
2016-08-20 10:37 - 2016-08-06 08:57 - 00000000 ____D C:\Users\hochs\.mythtv
2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms
2016-08-20 07:37 - 2016-08-06 09:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-18 18:26 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp
2016-08-17 01:11 - 2016-08-07 15:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest
2016-08-14 12:18 - 2016-07-31 00:49 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox
2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs
2016-08-09 20:48 - 2016-08-07 14:26 - 00002563 _____ C:\WINDOWS\diagwrn.xml
2016-08-09 20:48 - 2016-08-07 14:26 - 00001908 _____ C:\WINDOWS\diagerr.xml
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-09-01 13:12 - 2016-09-01 13:12 - 0238909 _____ () C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 13:40 - 2016-09-01 13:40 - 0028335 _____ () C:\ProgramData\1472729999.bdinstall.bin
2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini
2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg
Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
C:\Users\hochs\AppData\Local\Temp\avgnt.exe
C:\Users\hochs\AppData\Local\Temp\kernel32.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole1796711872680176794.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole1797863368897694260.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole2240034186095844922.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole7998053034528165035.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-09-07 18:44
==================== Ende von FRST.txt ============================
Gruss powerug |
|
08.09.2016, 20:37
| #13 |
| | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Log von Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von admin (08-09-2016 21:18:36)
Gestartet von D:\FRST
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-2615813048-3284018108-3599952075-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Limited - Enabled) => C:\Users\hochs
HomeGroupUser$ (S-1-5-21-2615813048-3284018108-3599952075-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Avira Scout (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{2e5cccd9-3da2-4641-b197-6d06e92643d0}) (Version: 16.7.11.945 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{96CADA13-A19B-4270-A536-A280EA510DB0}) (Version: 1.2.3.493 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.07.11.00945 - Avira Operations GmbH & Co. KG) Hidden
BeeThink SpyDetector 2.0 (HKLM-x32\...\BeeThink SpyDetector_is1) (Version: - BeeThink SoftWare, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
Disconnect Desktop (HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\Disconnect Desktop 2.0.5) (Version: 2.0.5 - Disconnect)
Disconnect Desktop (x32 Version: 2.0.5 - Disconnect) Hidden
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
DVBLink Viewer (HKLM-x32\...\{FE33BB16-65E4-41EA-AA5A-D3436058355D}) (Version: 6.0.0000 - DVBLogic)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.21 - Haenlein-Software)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.89 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.12.1 - HexChat)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version: - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version: - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version: - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
OpenVPN 2.3.8-I601 (HKLM-x32\...\OpenVPN) (Version: 2.3.8-I601 - )
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version: - Giorgio Tani)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
SolveigMM AVI Trimmer+ Version 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version: - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Sticky Password 8.0.8.116 (HKLM-x32\...\Sticky Password_is1) (Version: 8.0 - Lamantine Software)
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
Strumenti di correzione di Microsoft Office 2016 - Italiano (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.5.0 - Alexander Miehlke Softwareentwicklung)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version: - )
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1004_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {014A23F3-4FD2-4CC1-89F5-50C64F67DDA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {0B31C88B-C034-447A-B8E0-8BF61BE68D8C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-16] (Realtek Semiconductor)
Task: {0FA1FC81-0D50-4851-AC9F-2C2EAE5040FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {194DD19D-B90E-4126-96BD-7E1DDE29E035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2151EF65-8E8C-444A-8F75-D90BB06DE0B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {314B3FC5-739D-47A9-8702-E033F3877F43} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {3A2C9311-F1E6-4C8E-BC84-28963425BD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {403891A6-380F-4B4D-9116-4D4E4D107905} - System32\Tasks\HPCeeScheduleForhochs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4F708D11-6462-461D-AD1A-A85CDB630AFF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {5AF9AC36-72BD-4969-B753-A860668E308B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {5C273A34-718A-4DB0-91C6-112B4C8BE155} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2016-08-07] (Samsung Electronics)
Task: {62DA9560-171B-40EF-8500-CA0D2108E695} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {6440FA74-FEF2-45CC-A74A-33DA3DFC7D43} - System32\Tasks\Disconnect Desktop Updater => C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [2015-09-23] (Disconnect)
Task: {65126962-FAF2-419E-AA5E-207404D56351} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {69150610-66DB-492D-AA16-C7922304FAD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {6C75780B-C958-436F-9B36-56BD2DC44DDE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {78322402-802C-4E32-93A7-8BD20C1A6AD6} - System32\Tasks\IPTV-Aufnahme Teleclub => C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe [2016-01-19] (Apowersoft)
Task: {95397DA6-0DEF-4CC5-B6FA-635F80193EA2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {BA059C9F-ED71-4C77-A4E7-CF7D5A77419C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {BD932F3F-F960-4A3B-9146-CBF0CEA98DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C21528CB-8193-47C7-A21F-64C9F317D0C2} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe
Task: {C71A9BB8-F2FC-460A-92F8-10CB9CF6954D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C7C7393C-4D2D-4359-9920-EC35D89E8143} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-08-18] (Avira Operations GmbH & Co. KG)
Task: {CA58EC51-4051-4FD1-9F64-02DB8C292240} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {DF31084A-F0BF-473E-A826-E5F32B090670} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {E627355A-F73B-4AF5-B3E1-3426007C6138} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 07:41 - 2016-03-18 07:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2016-08-25 18:26 - 2016-08-25 18:26 - 06086744 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-08-21 14:38 - 2016-08-21 14:38 - 01277688 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-07-04 04:16 - 2016-07-04 04:16 - 00287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-07-04 07:01 - 2016-07-04 07:01 - 00287256 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02513920 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02436096 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2016-08-20 08:45 - 2016-09-04 06:11 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-01 00:26 - 2013-04-07 14:37 - 00081920 _____ () C:\Program Files (x86)\TraXEx\Integration\CppShellExtContextMenuHandler.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-07-23 05:39 - 2016-07-23 05:39 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2016-08-30 18:28 - 2016-08-30 18:28 - 01249792 _____ () C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-08-24 03:38 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-08-21 14:37 - 2016-08-21 14:37 - 01516920 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2016-08-11 14:29 - 2016-08-11 14:29 - 09729272 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-27 08:08 - 2016-07-01 09:02 - 00257872 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2016-05-27 07:02 - 2016-07-22 08:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 03847320 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2016-08-03 15:47 - 2016-08-03 15:47 - 00685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2016-08-21 15:05 - 2016-08-21 15:05 - 20655296 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00391088 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-07-23 17:15 - 2016-07-23 17:15 - 00129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-08-11 14:14 - 2016-08-11 14:14 - 00248752 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-06-14 17:24 - 2016-06-14 17:24 - 00444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-06-22 09:16 - 2016-06-22 09:16 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00048400 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_date_time-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00049424 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_thread-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00068504 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashRpt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00618256 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_regex-vc90-mt-1_39.dll
2016-06-09 10:28 - 2016-06-09 10:28 - 00544152 _____ () C:\Program Files (x86)\Audials\Audials 2016\StreamingClient.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00016144 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_system-vc90-mt-1_39.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00340992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\253112fb994d35639dccd8cfd4d8ea44\Utils.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00549888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\c2038fe4c76d7c29e7c8c678ce57ce9b\ManagedInterfaces.ni.dll
2016-08-14 01:26 - 2016-08-14 01:26 - 04721664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\0cbf997999fb8e51109670cf37d0e1f5\AudialsComponents.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00774144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\310fef0d63d899fee88ad0282663d230\RSControls.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00177664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\63dae86ea47483367bae63c22fd55c56\fastJSON.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\a68af5e6e5d69b9e255d6b41d82c7688\CrashHandlerNET.ni.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00040856 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashHandlerNET.dll
2016-07-11 12:34 - 2016-07-11 12:34 - 20925320 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCLR.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00016896 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_system-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00047616 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_signals-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 11112904 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCAPI2_SharedLibrary.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00084480 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_thread-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00633856 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_regex-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00104960 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_filesystem-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00041984 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_date_time-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00025600 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_chrono-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 00199168 _____ () C:\Program Files (x86)\CounterPath\Bria 4\G729AsDLL.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01006080 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 53437440 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libcef.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 01942016 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\ffmpeg.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 02196480 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libglesv2.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 00080384 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libegl.dll
2016-09-02 03:29 - 2016-07-26 14:26 - 00796160 _____ () C:\Program Files (x86)\Sticky Password\DLLs\unicodedata.pyd
2016-09-02 03:29 - 2016-07-26 14:26 - 00231936 _____ () C:\Program Files (x86)\Sticky Password\DLLs\pyexpat.pyd
2016-03-11 10:54 - 2016-03-11 10:54 - 00683520 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01976832 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libglesv2.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00075264 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libegl.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 06068656 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00049072 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-08-14 15:18 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-08-14 15:18 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-09-04 06:12 - 2015-03-27 18:24 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll
2016-09-04 06:12 - 2016-06-02 00:06 - 02226688 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll
2016-06-22 11:27 - 2016-06-22 11:27 - 00217008 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2016-03-09 10:28 - 2016-03-09 10:28 - 00042416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2016-07-02 21:30 - 2016-07-02 21:30 - 00376240 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Desktop\tdsskiller.exe:BDU [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-08-28 14:02 - 2016-09-01 13:10 - 00000021 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{71BC129C-DD6F-4727-8E33-B3F72F789FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2BCDD67C-3F96-40D2-AFFB-3D4D9DF92F3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF06A1D3-2D4E-4328-B0BE-E39765116DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{454DE9C3-1D7E-400B-A792-9A6FE6AD393C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EB3A212-D803-4E22-8BC4-7058DDEEE41A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8DEAC3A1-4C3F-49E3-9654-480C27A8EDB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9B54A4BA-29F0-4D56-A69B-F6FF9815D1B9}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{B5793EA5-DBFC-4121-94ED-5B37D9317901}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{0D14957E-832B-4B7F-951A-325AC2201CFB}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{2E41912B-61BE-48DA-BEC3-A6F2C68BF9EE}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{678E119B-A233-45E6-A725-A6A33BD246DB}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{C1310BC5-F429-4A87-B7EC-1BF81C20A04C}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{69256106-0642-4C68-B603-E70390ACE657}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{AC30E9FC-FB28-422C-ACCA-7E3E7F7D175B}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [{889938CA-6E77-4AE4-8E54-7FE28D2E4CE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{58C0D146-0CFC-4BB0-9B67-BFACDE543F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{DAAD7992-B9D3-4CB9-80EA-52D898804520}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{60C076A3-7850-449E-A412-01F75CA482E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{8DA3ED20-46F5-4DA2-9DA6-8DE5201190DB}] => (Allow) LPort=1688
FirewallRules: [{3FA5C158-EB01-4D72-856C-723D882B8DF8}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [{FF620410-5524-49C5-B096-CD8632AF202E}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [TCP Query User{511025B3-0383-4480-A08C-F1CDCA5F588A}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{B2CE4AA4-3E6C-4889-9B4F-431DC70C8A99}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [TCP Query User{88F2C063-DC0A-4E23-A3B0-5812D4D955F6}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{8143A44A-CF79-4B7F-A40C-5D6B5250DB27}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{47104632-9649-476B-9B46-E0C08B74F7FD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{6890CE15-6432-4588-9536-B2BDF4ACF54A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{E5D59600-8DE6-4481-80D4-DD74592385F5}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [UDP Query User{0FFC06CE-8CD4-41A5-9FC7-4EB39B68694D}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [TCP Query User{02FADEE2-2C87-475E-B663-491838DD6E34}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{F3779F9F-F43E-4D27-BB13-A5920D03C3FF}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{CDD20C47-B894-413A-8455-185D51FA810D}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe
FirewallRules: [{1277B574-7D5C-41CF-9C14-BB5A5840FE29}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe
==================== Wiederherstellungspunkte =========================
04-09-2016 13:27:14 Windows Update
07-09-2016 02:48:44 sicherung-07-09-2016
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/08/2016 09:13:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:12:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:12:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:11:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:10:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Error: (09/08/2016 09:08:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.
Systemfehler:
=============
Error: (09/08/2016 09:06:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 09:06:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 09:06:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 09:06:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (09/08/2016 09:06:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (09/08/2016 09:06:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
Error: (09/08/2016 09:05:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: Der Server "{53362C64-A296-4F2D-A2F8-FD984D08340B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 09:05:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: Der Server "{53362C64-A296-4F2D-A2F8-FD984D08340B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 08:36:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 08:36:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 11%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 29075.79 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 28039.66 MB
==================== Laufwerke ================================
Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:213.24 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:101.48 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 5B98F280)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
10.09.2016, 11:45
| #14 |
| /// Malwareteam | Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus Hi, Schritt # 1: ESET ESET Online Scanner
Schritt # 2: Bitte Posten
|
|
| Themen zu Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus |
| adobe, avast, bonjour, computer, converter, defender, downloader, explorer, firefox, flash player, free download, homepage, installation, internet, karte, keylogger, malware, mozilla, officejet, prozesse, realtek, registry, safer networking, scan, svchost.exe, system, trojaner, virus, windows, windows 10, windowsapps, wlan |
Linear-Darstellung
