Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 28.08.2016, 10:43   #1
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Hallo zusammen ich habe den Verdacht, dass ich von einem Trojaner/Virus/Malware befallen bin.
Der Computer reagiert allerdings normal, bei allen Aktivitäten. Auch ist mein Computer nicht langsamer geworden, ausser bei Downloads hab ich das Gefühl es könnte schneller sein.

Code:
ATTFilter
==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Mirko Böer) C:\Program Files (x86)\RouterControl\RouterControl.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Ad Muncher] => C:\Program Files (x86)\Ad Muncher\AdMunch.exe [560760 2016-08-06] (Murray Hurps Software Pty Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-08-10] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-06-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [RouterControl] => C:\Program Files (x86)\RouterControl\ROUTERCONTROL.EXE [3449344 2009-05-19] (Mirko Böer)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [9647104 2016-08-23] (FreeDownloadManager.org)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064 2016-08-05] (Tonec Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe" 
HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-08-17]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk [2016-08-20]
ShortcutTarget: DesktopVideoPlayer.lnk -> C:\Users\hochs\AppData\Local\vghd\bin\vghd.exe (Keine Datei)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-06]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO-x32: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm [2016-08-07]

FireFox:
========
FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default
FF Homepage: hxxps://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-08-20]
FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-08-03]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26]
FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hochs\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hochs\AppData\Roaming\IDM\idmmzcc5 [2016-08-28] [ist nicht signiert]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxps://startseite.com/
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch
CHR DefaultSearchKeyword: Default -> https://startpage.com
CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2016-08-28]
CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15]
CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07]
CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-08-20]
CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23]
CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28]
CHR Extension: (IDM Integration Module) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-08-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15]
CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-06-23]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [90112 2016-07-25] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-06-11] (SurfRight B.V.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [950200 2016-05-24] (Bitdefender)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-07-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-07-01] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1603264 2016-08-22] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [850464 2016-08-22] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-07-01] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [75360 2016-08-04] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [299816 2016-07-01] (Bitdefender)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-07-01] (BitDefender S.R.L.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-28 11:25 - 2016-08-28 11:35 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Adobe
2016-08-28 11:19 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Atheros
2016-08-28 11:10 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Bitdefender
2016-08-28 11:05 - 2016-08-28 11:06 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-08-28 11:05 - 2016-08-28 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-08-28 11:05 - 2016-08-28 11:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-08-28 10:48 - 2016-08-28 11:37 - 00000000 ____D C:\FRST
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part6.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part5.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part4.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part3.rar
2016-08-28 10:13 - 2016-08-28 10:13 - 54107190 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part7.rar
2016-08-28 10:12 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part1.rar
2016-08-28 10:12 - 2016-08-28 10:13 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part2.rar
2016-08-28 10:07 - 2016-08-28 10:07 - 00002756 _____ C:\Users\hochs\Downloads\333179792d081560db7da4895d27228227acbdda.dlc
2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle
2016-08-28 09:46 - 2016-08-14 16:09 - 00485873 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160828-094649.backup
2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-28 09:39 - 2016-08-28 09:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-28 09:39 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-28 09:39 - 2016-08-28 09:39 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-28 09:39 - 2016-08-28 09:39 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-28 09:39 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-28 09:30 - 2016-08-28 09:30 - 00344928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 02:26 - 2016-08-28 02:29 - 00000000 ____D C:\Users\hochs\Downloads\home_made_pro_am_pussy_4_720p.mp4 - hd-area.org
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229.dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (3).dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (2).dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (1).dlc
2016-08-28 02:22 - 2016-08-28 02:22 - 00013755 _____ C:\Users\hochs\Downloads\helper.html
2016-08-28 01:41 - 2016-08-28 11:28 - 00000000 ____D C:\Users\hochs\AppData\Roaming\IDM
2016-08-28 01:41 - 2016-08-28 09:30 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-08-28 01:41 - 2016-08-28 02:11 - 00000000 ____D C:\Users\hochs\Downloads\Compressed
2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\Users\hochs\Downloads\Video
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 _____ C:\Users\hochs\Downloads\Download.htm
2016-08-28 01:39 - 2016-08-28 01:41 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre.exe
2016-08-28 01:39 - 2016-08-28 01:39 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre (1).exe
2016-08-28 01:38 - 2016-08-28 01:38 - 00000000 _____ C:\Users\hochs\Downloads\da9e.tmp
2016-08-28 01:35 - 2016-08-28 01:35 - 00000000 ____D C:\Users\hochs\Downloads\Internet Download Manager 6 25 Build 25 Pre-Activated
2016-08-28 01:29 - 2016-08-28 01:29 - 00000196 _____ C:\Users\hochs\Downloads\a6dbb02e-c968-40a7-899f-d43a357ae8b4.htm
2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload
2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload
2016-08-28 01:25 - 2016-08-28 01:25 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d.dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (3).dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (2).dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (1).dlc
2016-08-28 01:15 - 2016-08-28 11:24 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager
2016-08-28 01:15 - 2016-08-28 01:15 - 00001168 _____ C:\Users\Public\Desktop\Free Download Manager 5.lnk
2016-08-28 01:15 - 2016-08-28 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-08-28 01:15 - 2016-08-28 01:15 - 00000000 ____D C:\Program Files\FreeDownloadManager.ORG
2016-08-27 20:41 - 2016-08-27 20:42 - 00000000 ____D C:\Users\hochs\Downloads\Cuban.Fury.Echte.Maenner.tanzen.German.2014.AC3.BDRip.x264-FRACTAL
2016-08-27 20:39 - 2016-08-27 20:39 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388 (1).dlc
2016-08-27 20:38 - 2016-08-27 20:38 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388.dlc
2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader
2016-08-27 20:36 - 2016-08-27 20:37 - 02452082 _____ (Star Downloader) C:\Users\hochs\Downloads\sdfree.exe
2016-08-27 20:32 - 2016-08-27 20:33 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.x264-MULTiPLEX - filecrypt.cc
2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-08-27 20:10 - 2016-08-27 20:11 - 31335352 _____ (Open Media LLC ) C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe
2016-08-27 20:04 - 2016-08-27 20:04 - 00003113 _____ C:\Users\hochs\Downloads\ardmediathek.host
2016-08-27 19:52 - 2016-08-27 19:52 - 00003149 _____ C:\Users\hochs\Downloads\zdfmediathek.host
2016-08-27 11:56 - 2016-08-27 11:59 - 00000000 ____D C:\Users\hochs\Downloads\The.Mechanic.2.Resurrection.2016.TS.MD.German.x264-PS - filecrypt.cc
2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic
2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7
2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Users\hochs\Downloads\Bitdefender Safepay
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7
2016-08-27 08:47 - 2016-08-27 08:47 - 00418464 _____ C:\Users\hochs\Downloads\SecureSafe-Recovery-Code.pdf
2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo
2016-08-27 08:08 - 2009-08-24 22:13 - 00034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe
2016-08-27 08:07 - 2016-08-27 08:08 - 28473112 _____ (Ashampoo GmbH & Co. KG ) C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe
2016-08-27 05:34 - 2015-11-11 13:56 - 00043618 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.dll
2016-08-27 05:34 - 2015-11-11 13:56 - 00029361 ____N C:\Users\hochs\Downloads\manual_installation_guidequalcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.pdf
2016-08-27 05:34 - 2015-11-11 13:56 - 00005159 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_6301.sys
2016-08-27 05:34 - 2015-11-11 13:56 - 00003638 ____N C:\Users\hochs\Downloads\READ-ME.txt
2016-08-27 05:34 - 2015-11-11 13:56 - 00001474 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.cat
2016-08-27 05:33 - 2016-08-27 05:33 - 00031404 _____ C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630_driver.zip
2016-08-27 04:55 - 2016-08-27 04:55 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\hochs\Downloads\SlimDrivers-setup.exe
2016-08-27 04:40 - 2016-08-27 04:50 - 00000000 ____D C:\Users\hochs\Downloads\lhd-hwahrheit-1080p.mkv - hd-area.org
2016-08-27 04:21 - 2016-08-27 04:49 - 00000000 ____D C:\Users\hochs\Downloads\Nichts.mehr.wie.vorher.German.2013.AC3.DVDRip.x264-iMPERiUM - filecrypt.cc
2016-08-26 18:00 - 2016-08-27 04:02 - 00000000 ____D C:\Users\hochs\Downloads\Wie.Klaut.Man.Eine.Million.German.DL.1966.HDTV.720p.x264.AC3-msd - hd-area.org
2016-08-26 17:50 - 2016-08-26 17:54 - 00000000 ____D C:\Users\hochs\Downloads\Dafranosuri
2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-08-26 16:03 - 2016-08-28 11:28 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass
2016-08-26 15:57 - 2016-08-26 15:57 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Mozilla
2016-08-26 11:43 - 2016-08-26 15:54 - 00000000 ____D C:\Users\hochs\Downloads\Crouching.Tiger.Hidden.Dragon.Sword.of.Destiny.2016.German.Dubbed.DL.2160p.WEB-DL.x264-NIMA4K
2016-08-25 19:45 - 2016-08-26 11:41 - 00000000 ____D C:\Users\hochs\Downloads\Made.in.France.2015.German.1080p.BluRay.x264-ROOR - filecrypt.cc
2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf
2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf
2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat
2016-08-23 19:03 - 2016-08-24 20:04 - 00000000 ____D C:\Users\hochs\Downloads\xan-The.Ardennes-avc.mkv - hd-area.org
2016-08-23 18:53 - 2016-08-24 20:03 - 00000000 ____D C:\Users\hochs\Downloads\kilotwobravo180.mkv - hd-area.org
2016-08-23 18:47 - 2016-08-23 18:51 - 00000000 ____D C:\Users\hochs\Downloads\The.Confirmation.2016.German.AC3.DVDRip.x264-MULTiPLEX - filecrypt.cc
2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment
2016-08-22 20:18 - 2016-08-22 20:32 - 00000000 ____D C:\Users\hochs\Downloads\Riff.Piraten.1939.German.DL.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc
2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort
2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-21 16:07 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Der.Wert.des.Menschen.German.2015.DL.PAL.DVDR-SAViOUR - filecrypt.cc
2016-08-21 15:59 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Nick.Knattertons.Abenteuer.Der.Raub.der.Gloria.Nylon.1959.German.BDRip.x264-MONOBiLD - filecrypt.cc
2016-08-21 13:45 - 2016-08-21 13:45 - 00000000 ____D C:\Users\hochs\Downloads\Unterschrift
2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer
2016-08-20 19:13 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Suicide.Squad.TS.MD.GERMAN.x264-KarlsKrone - filecrypt.cc
2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub
2016-08-20 14:01 - 2016-08-20 14:01 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2016-08-20 10:23 - 2016-08-25 18:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Paltalk
2016-08-20 07:47 - 2016-08-20 07:47 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-08-20 07:47 - 2016-08-20 07:47 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-08-20 07:47 - 2016-08-20 07:47 - 00002228 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2016-08-20 07:47 - 2016-08-20 07:47 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-08-20 07:47 - 2016-08-20 07:47 - 00002114 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 22:36 - 2016-08-19 22:41 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 22:36 - 2016-08-19 22:41 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-18 18:24 - 2016-08-28 11:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger
2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger
2016-08-18 00:11 - 2016-08-18 00:11 - 00002449 ____R C:\WINDOWS\RouterControl0_Uninstall.in
2016-08-18 00:11 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn0.exe
2016-08-18 00:10 - 2016-08-18 00:11 - 00001107 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouterControl.lnk
2016-08-18 00:10 - 2016-08-18 00:11 - 00001077 _____ C:\Users\hochs\Desktop\RouterControl.lnk
2016-08-18 00:10 - 2016-08-18 00:11 - 00000000 ____D C:\Program Files (x86)\RouterControl
2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in
2016-08-18 00:10 - 2016-08-18 00:10 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouterControl
2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE
2016-08-17 18:30 - 2016-08-17 18:30 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk
2016-08-17 18:30 - 2016-08-17 18:30 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk
2016-08-17 18:30 - 2016-08-17 18:30 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk
2016-08-17 18:30 - 2016-08-17 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0
2016-08-17 18:30 - 2016-08-17 18:30 - 00000000 ____D C:\Program Files (x86)\TraXEx
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure
2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure
2016-08-14 16:09 - 2016-08-14 16:09 - 00006666 _____ C:\WINDOWS\system32\Drivers\etc\hosts_PTbackup2.bak
2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:56 - 2016-08-14 15:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools X
2016-08-14 15:55 - 2016-08-22 19:42 - 00000000 ____D C:\Program Files (x86)\jv16 PowerTools X
2016-08-14 15:55 - 2016-08-14 15:55 - 00001952 _____ C:\Users\hochs\Desktop\jv16 PowerTools X.lnk
2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions
2016-08-14 15:37 - 2016-08-14 15:37 - 00001436 _____ C:\Users\hochs\Desktop\CopyTrans Control Center.lnk
2016-08-14 15:37 - 2016-08-14 15:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen
2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient
2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games
2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-08-14 12:19 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-14 12:19 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-14 12:19 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-14 12:19 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher
2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS
2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd
2016-08-11 20:03 - 2016-08-11 20:03 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-08-10 05:51 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 05:51 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 05:51 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 05:51 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 05:51 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 05:51 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 05:51 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-10 05:51 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 05:51 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-10 05:51 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 05:51 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 05:51 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 05:51 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-10 05:51 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 05:51 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 05:51 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 05:51 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 05:51 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-10 05:51 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 05:51 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 05:51 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 05:51 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 05:51 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-10 05:51 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 05:51 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 05:51 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 05:51 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 05:51 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 05:51 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 05:51 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 05:51 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-10 05:51 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-10 05:51 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-10 05:51 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-10 05:51 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-10 05:51 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 05:51 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 05:51 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 05:51 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-10 05:51 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 05:51 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-10 05:51 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 05:51 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-10 05:51 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 05:51 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 05:51 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 05:51 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-10 05:51 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 05:51 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 05:51 - 2016-07-22 03:27 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 05:51 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 05:51 - 2016-07-22 03:26 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:20 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 05:51 - 2016-07-22 03:11 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-10 05:51 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team
2016-08-08 17:27 - 2016-08-08 17:27 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-08 17:15 - 2016-08-28 11:22 - 00000000 ____D C:\AdwCleaner
2016-08-07 15:28 - 2016-08-07 15:28 - 00000000 ____D C:\Users\hochs\AppData\Local\ElevatedDiagnostics
2016-08-07 15:17 - 2016-08-17 01:11 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-07 15:15 - 2016-08-07 15:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files\MSBuild
2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-07 15:14 - 2016-08-07 15:14 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-07 15:14 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-07 15:14 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 15:14 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-07 15:14 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-07 15:14 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 15:14 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-07 14:29 - 2016-08-08 16:59 - 00000000 ____D C:\Users\hochs\AppData\Local\ConnectedDevicesPlatform
2016-08-07 14:29 - 2016-08-07 14:29 - 00000020 ___SH C:\Users\hochs\ntuser.ini
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-07 14:27 - 2016-08-07 14:27 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-08-07 14:26 - 2016-08-09 20:48 - 00002563 _____ C:\WINDOWS\diagwrn.xml
2016-08-07 14:26 - 2016-08-09 20:48 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-07 14:25 - 2016-08-28 11:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-07 14:25 - 2016-08-25 18:44 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhochs
2016-08-07 14:25 - 2016-08-07 14:43 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-07 14:25 - 2016-08-07 14:25 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-07 14:25 - 2016-08-07 14:25 - 00003566 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2016-08-07 14:25 - 2016-08-07 14:25 - 00003314 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{82C7B0E5-717C-433B-B746-49CB807503D5}
2016-08-07 14:25 - 2016-08-07 14:25 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-07 14:25 - 2016-08-07 14:25 - 00002676 _____ C:\WINDOWS\System32\Tasks\IPTV-Aufnahme Teleclub
2016-08-07 14:25 - 2016-08-07 14:25 - 00002668 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2016-08-07 14:25 - 2016-08-07 14:25 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-08-07 14:25 - 2016-08-07 14:25 - 00002536 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2016-08-07 14:25 - 2016-08-07 14:25 - 00002494 _____ C:\WINDOWS\System32\Tasks\Samsung_PSSD_Registration
2016-08-07 14:25 - 2016-08-07 14:25 - 00002428 _____ C:\WINDOWS\System32\Tasks\PrivaZer_SkipUAC
2016-08-07 14:25 - 2016-08-07 14:25 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-08-07 14:25 - 2016-08-07 14:25 - 00002288 _____ C:\WINDOWS\System32\Tasks\RtHDVBg
2016-08-07 14:25 - 2016-08-07 14:25 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero
2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-08-07 14:25 - 2016-08-07 14:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-07 14:23 - 2016-08-07 14:23 - 00000000 ____D C:\ProgramData\USOShared
2016-08-07 14:22 - 2016-08-07 14:22 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-07 14:20 - 2016-08-07 14:22 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-07 14:19 - 2016-08-21 19:49 - 00000000 ____D C:\Users\hochs
2016-08-07 14:19 - 2016-08-07 14:23 - 00000000 ____D C:\Users\Administrator
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Vorlagen
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Startmenü
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Netzwerkumgebung
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Lokale Einstellungen
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Eigene Dateien
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Druckumgebung
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Videos
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Musik
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Documents\Eigene Bilder
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Local\Verlauf
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\AppData\Local\Anwendungsdaten
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\hochs\Anwendungsdaten
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-08-07 14:19 - 2016-08-07 14:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-08-07 14:18 - 2016-08-07 14:18 - 00317063 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2016-08-07 14:18 - 2016-08-07 14:18 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2016-08-07 14:18 - 2016-08-07 14:18 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\Realtek
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-07 14:18 - 2016-08-07 14:18 - 00000000 ____D C:\Program Files\Elantech
2016-08-07 14:18 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-07 14:18 - 2016-06-03 05:59 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-07 14:18 - 2016-06-03 05:59 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-07 14:17 - 2016-08-28 09:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-07 14:17 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-07 13:57 - 2016-08-07 13:59 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-07 13:51 - 2016-08-08 20:28 - 00000000 ____D C:\Windows10Upgrade
2016-08-07 13:51 - 2016-08-07 14:29 - 00000000 ___HD C:\$GetCurrent
2016-08-07 13:51 - 2016-08-07 13:51 - 00000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-08-07 13:51 - 2016-08-07 13:51 - 00000730 _____ C:\Users\hochs\Desktop\Windows 10-Upgrade-Assistent.lnk
2016-08-07 09:09 - 2016-08-07 09:09 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-07 09:09 - 2016-08-07 09:09 - 00001115 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-07 09:03 - 2016-08-19 19:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-07 08:47 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-08-07 08:47 - 2016-08-07 08:47 - 00001313 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2016-08-07 08:47 - 2016-08-07 08:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-08-07 08:46 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Portable SSD T3
2016-08-07 08:46 - 2016-08-07 08:46 - 00001729 _____ C:\Users\Public\Desktop\Samsung Portable SSD T3.lnk
2016-08-07 08:46 - 2016-08-07 08:46 - 00000000 ____D C:\ProgramData\Samsung Apps
2016-08-06 18:49 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-08-06 18:49 - 2016-08-06 18:49 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk
2016-08-06 18:49 - 2016-08-06 18:49 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk
2016-08-06 18:49 - 2016-08-06 18:49 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-08-06 18:12 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2016-08-06 11:42 - 2016-08-18 18:26 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp
2016-08-06 11:42 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-08-06 11:42 - 2016-08-06 11:42 - 00002253 _____ C:\Users\hochs\Desktop\WhatsApp.lnk
2016-08-06 11:42 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\WhatsApp
2016-08-06 10:16 - 2016-08-06 10:16 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-08-06 09:27 - 2016-08-20 10:41 - 00000000 ____D C:\xampp2
2016-08-06 09:19 - 2016-08-20 07:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-06 09:18 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-08-06 09:16 - 2016-08-20 10:41 - 00000000 ____D C:\xampp
2016-08-06 09:05 - 2016-08-06 09:05 - 00000000 ____D C:\Program Files (x86)\MySQL
2016-08-06 08:57 - 2016-08-20 10:37 - 00000000 ____D C:\Users\hochs\.mythtv
2016-08-06 08:57 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MythTV
2016-08-06 08:56 - 2016-08-06 08:57 - 00000000 ____D C:\Program Files (x86)\MythTV
2016-08-06 08:15 - 2016-08-20 13:56 - 00000000 ____D C:\ProgramData\Ad Muncher
2016-08-06 08:15 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher
2016-08-06 08:15 - 2016-08-06 08:15 - 00000000 ____D C:\Program Files (x86)\Ad Muncher
2016-08-05 17:50 - 2016-08-05 15:04 - 00217256 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-08-04 18:57 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot
2016-08-04 18:57 - 2016-08-04 18:57 - 00001184 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk
2016-08-04 18:57 - 2016-08-04 18:57 - 00000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot
2016-08-04 18:21 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-04 18:21 - 2016-08-04 18:21 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files\iTunes
2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files\iPod
2016-08-04 18:21 - 2016-08-04 18:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-01 10:03 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot
2016-08-01 10:03 - 2016-08-01 10:03 - 00002164 _____ C:\Users\hochs\Desktop\FileBot.lnk
2016-08-01 10:03 - 2016-08-01 10:03 - 00000000 ____D C:\Program Files\FileBot
2016-07-31 23:01 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-07-31 22:57 - 2016-07-31 23:05 - 00000000 ____D C:\Users\hochs\AppData\Local\ManyCam
2016-07-31 22:51 - 2016-07-31 23:01 - 00001075 _____ C:\Users\Public\Desktop\ManyCam.lnk
2016-07-31 22:51 - 2016-07-31 22:51 - 00000000 ____D C:\ProgramData\ManyCam
2016-07-31 22:50 - 2016-07-31 23:02 - 00000000 ____D C:\Program Files (x86)\ManyCam
2016-07-31 16:33 - 2016-08-07 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5
2016-07-31 16:33 - 2016-07-31 16:33 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-07-31 08:56 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2016-07-31 08:56 - 2016-07-31 08:56 - 00000836 _____ C:\Users\hochs\Desktop\PeaZip.lnk
2016-07-31 08:55 - 2016-07-31 08:59 - 00000000 ____D C:\Program Files\PeaZip
2016-07-31 08:45 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover
2016-07-31 08:45 - 2016-07-31 08:45 - 00001063 _____ C:\Users\Public\Desktop\Clover.lnk
2016-07-31 08:45 - 2016-07-31 08:45 - 00000000 ____D C:\Users\hochs\AppData\Local\Clover
2016-07-31 08:45 - 2016-07-31 08:45 - 00000000 ____D C:\Program Files (x86)\Clover
2016-07-31 07:21 - 2016-07-30 23:34 - 00001172 _____ C:\Users\hochs\Desktop\KaraFun Player 2 - Kopie.lnk
2016-07-31 00:59 - 2016-08-07 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games
2016-07-31 00:59 - 2016-07-31 00:59 - 00001519 _____ C:\Users\Public\Desktop\Unreal Tournament 3 Black Edition.lnk
2016-07-31 00:49 - 2016-08-14 12:18 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-07-30 23:34 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2
2016-07-30 23:34 - 2016-07-30 23:34 - 00001172 _____ C:\Users\hochs\Desktop\KaraFun Player 2.lnk
2016-07-30 23:34 - 2016-07-30 23:34 - 00000000 ____D C:\ProgramData\Recisio
2016-07-30 23:34 - 2016-07-30 23:34 - 00000000 ____D C:\Program Files (x86)\KaraFun Player 2
2016-07-30 11:57 - 2016-08-27 04:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-30 11:57 - 2016-08-26 16:05 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla
2016-07-30 11:57 - 2016-08-26 15:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-30 11:57 - 2016-08-26 15:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-30 11:57 - 2016-08-26 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-30 03:20 - 2016-08-07 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-07-30 03:20 - 2016-07-30 03:20 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-28 11:30 - 2016-07-17 00:51 - 01719680 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-28 11:30 - 2016-07-17 00:51 - 00429702 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-28 11:30 - 2016-05-20 20:58 - 03711796 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-28 11:28 - 2016-07-16 08:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2016-08-28 11:28 - 2016-06-11 01:58 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-28 11:24 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive
2016-08-28 11:24 - 2016-05-20 21:05 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-08-28 11:23 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-28 11:19 - 2016-05-20 21:27 - 00070504 _____ C:\bdlog.txt
2016-08-28 10:36 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien
2016-08-28 09:55 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 09:48 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-28 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 09:25 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-28 04:07 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance
2016-08-28 03:09 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-28 01:20 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0
2016-08-27 17:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-08-27 08:06 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-26 11:20 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job
2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis
2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple
2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0
2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google
2016-08-22 18:34 - 2016-05-20 21:07 - 01603264 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-08-22 18:34 - 2016-05-20 21:07 - 00850464 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer
2016-08-21 07:36 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages
2016-08-21 07:18 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-21 04:03 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros
2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer
2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge
2016-08-20 14:42 - 2016-07-10 08:42 - 00000000 ____D C:\ProgramData\Overwolf
2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer
2016-08-20 10:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe
2016-08-20 10:38 - 2016-07-10 08:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Overwolf
2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms
2016-08-20 07:49 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-20 07:46 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe
2016-08-20 07:46 - 2016-05-21 05:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-18 02:42 - 2016-07-10 08:42 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-08-17 00:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-17 00:17 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-17 00:16 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-15 20:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest
2016-08-14 15:41 - 2016-07-16 07:48 - 00006664 _____ C:\WINDOWS\system32\Drivers\etc\hosts_PTBackup.bak
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-13 23:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-13 23:41 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox
2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs
2016-08-08 17:17 - 2016-07-05 19:50 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Lavasoft
2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-08-08 04:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-07 18:09 - 2016-05-20 21:09 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-07 15:23 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\VirtualStore
2016-08-07 15:17 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-07 15:17 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-07 15:14 - 2016-07-16 13:43 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2016-08-07 14:31 - 2016-05-20 20:55 - 00002398 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-07 14:31 - 2016-05-20 20:55 - 00000000 ___RD C:\Users\hochs\OneDrive
2016-08-07 14:29 - 2016-06-03 03:46 - 00000468 __RSH C:\ProgramData\ntuser.pol
2016-08-07 14:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-07 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-07 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-07 14:26 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-07 14:24 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-07 14:23 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-07 14:22 - 2016-07-24 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
2016-08-07 14:22 - 2016-07-24 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Stream Recorder
2016-08-07 14:22 - 2016-07-24 01:08 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt
2016-08-07 14:22 - 2016-07-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-08-07 14:22 - 2016-07-20 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath Bria 4
2016-08-07 14:22 - 2016-07-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB
2016-08-07 14:22 - 2016-07-16 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Recorder
2016-08-07 14:22 - 2016-07-16 10:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gabriel Denys
2016-08-07 14:22 - 2016-07-16 10:36 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jan Sušnik
2016-08-07 14:22 - 2016-07-16 10:33 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playlist Creator 3.6.2
2016-08-07 14:22 - 2016-07-16 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-07 14:22 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2016-08-07 14:22 - 2016-07-05 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-07 14:22 - 2016-06-22 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoNotSpy10
2016-08-07 14:22 - 2016-06-22 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2016-08-07 14:22 - 2016-06-22 08:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2016-08-07 14:22 - 2016-06-18 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform
2016-08-07 14:22 - 2016-06-12 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour-Druckdienste
2016-08-07 14:22 - 2016-06-11 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Network Inventory 3
2016-08-07 14:22 - 2016-06-11 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Network Monitor 2
2016-08-07 14:22 - 2016-06-11 01:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-08-07 14:22 - 2016-06-01 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyMDb
2016-08-07 14:22 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-07 14:22 - 2016-05-27 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-08-07 14:22 - 2016-05-23 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016
2016-08-07 14:22 - 2016-05-23 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-08-07 14:22 - 2016-05-21 09:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-08-07 14:22 - 2016-05-21 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-07 14:22 - 2016-05-21 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-08-07 14:22 - 2016-05-21 05:41 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 14:22 - 2016-05-21 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 14:22 - 2016-05-20 21:35 - 00000000 ____D C:\Users\Default.migrated
2016-08-07 14:22 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-08-07 14:22 - 2016-05-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swisscom
2016-08-07 14:22 - 2016-05-20 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-08-07 14:22 - 2016-05-20 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-08-07 14:20 - 2016-07-24 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2016-08-07 14:20 - 2016-07-17 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2016-08-07 14:20 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR
2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-07 14:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-07 14:20 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-08-07 14:20 - 2016-06-12 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-08-07 14:20 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-07 14:20 - 2016-05-20 21:41 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-07 14:20 - 2016-05-20 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-08-07 14:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-07 14:19 - 2016-07-10 08:42 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-08-07 14:19 - 2016-07-01 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-07 14:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-07 13:54 - 2016-05-20 21:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-07 12:28 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe
2016-08-07 09:11 - 2016-05-20 21:30 - 00000000 ____D C:\Users\hochs\AppData\Local\F1E5964B-262A-4856-A13B-52D28ED9F3FF.aplzod
2016-08-07 08:47 - 2016-05-27 13:45 - 00000000 ____D C:\ProgramData\SAMSUNG
2016-08-06 10:21 - 2016-07-05 19:48 - 00000000 ____D C:\ProgramData\Oracle
2016-08-06 10:16 - 2016-07-12 20:23 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-08-06 10:16 - 2016-07-12 20:22 - 00000000 ____D C:\Program Files\Java
2016-08-06 10:16 - 2016-07-05 19:48 - 00000000 ____D C:\Users\hochs\.oracle_jre_usage
2016-08-06 10:16 - 2016-07-05 19:48 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-06 10:15 - 2016-07-05 19:48 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-04 18:21 - 2016-05-20 21:26 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-31 22:23 - 2016-05-31 18:35 - 00000000 ____D C:\Users\hochs\Documents\Bluetooth Folder
2016-07-31 22:20 - 2016-05-27 19:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-31 22:20 - 2016-05-27 19:48 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-05-20 21:09 - 2016-05-20 21:09 - 0427224 _____ () C:\ProgramData\1463771146.bdinstall.bin
2016-06-14 18:42 - 2016-06-14 18:42 - 0026778 _____ () C:\ProgramData\1465922534.bdinstall.bin
2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini
2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg

Einige Dateien in TEMP:
====================
C:\Users\hochs\AppData\Local\Temp\libeay32.dll
C:\Users\hochs\AppData\Local\Temp\msvcr120.dll
C:\Users\hochs\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-19 05:59

==================== Ende von FRST.txt ============================
         

Alt 28.08.2016, 11:04   #2
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-08-2016
durchgeführt von hochs (28-08-2016 10:49:14)
Gestartet von C:\Users\hochs\Downloads\Programs
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Administrator - Enabled) => C:\Users\hochs

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Ad Muncher v4.94.34121 (Free)  (HKLM-x32\...\Ad Muncher) (Version:  - )
adbLink version 2.04 (HKLM-x32\...\{284C09DA-1752-4856-BE41-52D34D3DBD11}_is1) (Version: 2.04 - jocala.com)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.17 - Adobe Systems)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.8.9 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\CopyTrans Suite) (Version: 4.010 - WindSolutions)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version:  - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.17.4597 - FreeDownloadManager.ORG)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iStripper Version 1.2.126 (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\iStripper_is1) (Version: 1.2.126 - Totem Entertainment)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
jv16 PowerTools X (HKLM-x32\...\jv16 PowerTools X) (Version:  - Macecraft Software)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version:  - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version:  - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.31.0 - Overwolf Ltd.)
Paltalk Messenger  11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version:  - Giorgio Tani)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version:  - )
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version:  - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.4.0 - Alexander Miehlke Softwareentwicklung)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9 (HKLM-x32\...\winscp3_is1) (Version: 5.9 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {014A23F3-4FD2-4CC1-89F5-50C64F67DDA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {066A3A47-D27F-4DEF-9189-C6FB99B5B162} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2016-08-23] ()
Task: {0B31C88B-C034-447A-B8E0-8BF61BE68D8C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-16] (Realtek Semiconductor)
Task: {0FA1FC81-0D50-4851-AC9F-2C2EAE5040FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {194DD19D-B90E-4126-96BD-7E1DDE29E035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2151EF65-8E8C-444A-8F75-D90BB06DE0B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {314B3FC5-739D-47A9-8702-E033F3877F43} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {38A9EE0B-8E9C-4A01-82DC-40B6330F693F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-04-18] (Bitdefender)
Task: {3A2C9311-F1E6-4C8E-BC84-28963425BD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {4E1D73B5-F965-479D-97C5-33F034146192} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {52FFA039-7427-4D25-8CED-CBCD652C7577} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-08-14] (Overwolf LTD)
Task: {5AF9AC36-72BD-4969-B753-A860668E308B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {5BC4ABE8-3F33-480B-9295-269F26798125} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5C273A34-718A-4DB0-91C6-112B4C8BE155} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2016-08-07] (Samsung Electronics)
Task: {62DA9560-171B-40EF-8500-CA0D2108E695} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {69150610-66DB-492D-AA16-C7922304FAD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {691BB049-358D-418E-835D-54B7F92C2B96} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {6C75780B-C958-436F-9B36-56BD2DC44DDE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {78322402-802C-4E32-93A7-8BD20C1A6AD6} - System32\Tasks\IPTV-Aufnahme Teleclub => C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe [2016-01-19] (Apowersoft)
Task: {95397DA6-0DEF-4CC5-B6FA-635F80193EA2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {9C507C6A-0B3E-4E9D-87EF-435A16FD9D00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B6D11EBB-4770-4E55-B8A2-05125A2D3C70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {BC66FB7B-8212-43F2-A7CF-B334BAABAF3A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-27] (Microsoft Corporation)
Task: {BD932F3F-F960-4A3B-9146-CBF0CEA98DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C21528CB-8193-47C7-A21F-64C9F317D0C2} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe
Task: {C71A9BB8-F2FC-460A-92F8-10CB9CF6954D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CA58EC51-4051-4FD1-9F64-02DB8C292240} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {CB5F307D-E26B-43DC-B54B-8BC1B055C2BC} - System32\Tasks\HPCeeScheduleForhochs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {E627355A-F73B-4AF5-B3E1-3426007C6138} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {EDD95F92-D0AB-4058-8B1E-94FA1A272854} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-27] (Microsoft Corporation)
Task: {F2C68BBE-C583-44A9-8DDF-2EC7450F738A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\hochs\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html

ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.7\MinGW 5.3.0 (32-bit)\Qt 5.7 for Desktop (MinGW 5.3.0 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.7\mingw53_32\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.6\MinGW 4.9.2 (32-bit)\Qt 5.6 for Desktop (MinGW 4.9.2 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.6\mingw49_32\bin\qtenv2.bat

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-20 21:07 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-05-20 21:07 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-05-20 21:07 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-08-28 01:15 - 2016-08-23 20:27 - 00848896 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
2016-08-28 01:15 - 2016-08-23 20:24 - 00029696 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-25 18:26 - 2016-08-25 18:26 - 06086744 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-08-21 14:38 - 2016-08-21 14:38 - 01277688 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02513920 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02436096 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2016-08-20 08:45 - 2016-08-20 08:45 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-10 05:51 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-28 01:15 - 2016-06-28 19:14 - 02160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 12621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 02111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2016-08-28 01:15 - 2016-06-28 19:14 - 00071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2016-08-28 01:15 - 2016-08-23 20:24 - 00099328 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winunivappfeatures.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 65771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 02129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2016-08-28 01:15 - 2016-06-28 18:32 - 00087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-14 14:22 - 2016-08-10 14:19 - 00075776 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-08-21 14:37 - 2016-08-21 14:37 - 01516920 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2016-08-11 14:29 - 2016-08-11 14:29 - 09729272 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-27 08:08 - 2016-07-01 09:02 - 00257872 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
2016-05-20 21:07 - 2016-07-01 16:30 - 00521112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2016-05-20 21:07 - 2016-04-05 16:31 - 00159232 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2016-05-20 21:07 - 2016-05-12 17:48 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2016-05-20 21:07 - 2016-05-12 17:48 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2016-05-20 21:07 - 2016-07-01 16:30 - 00061392 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2016-08-10 05:51 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-10 05:51 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-10 05:51 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-10 05:51 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-10 05:51 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-27 07:02 - 2016-07-22 08:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 03847320 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2016-08-03 15:47 - 2016-08-03 15:47 - 00685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2016-08-21 15:05 - 2016-08-21 15:05 - 20655296 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00391088 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-07-23 17:15 - 2016-07-23 17:15 - 00129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-08-11 14:14 - 2016-08-11 14:14 - 00248752 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-06-14 17:24 - 2016-06-14 17:24 - 00444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-06-22 09:16 - 2016-06-22 09:16 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-08-07 08:47 - 2016-05-13 01:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 01942016 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\ffmpeg.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 02196480 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libglesv2.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 00080384 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libegl.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 06068656 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00049072 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-07-11 12:34 - 2016-07-11 12:34 - 20925320 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCLR.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00047616 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_signals-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00016896 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_system-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 11112904 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCAPI2_SharedLibrary.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00084480 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_thread-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00633856 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_regex-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00104960 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_filesystem-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00041984 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_date_time-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 00199168 _____ () C:\Program Files (x86)\CounterPath\Bria 4\G729AsDLL.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00025600 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_chrono-vc110-mt-1_58.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01006080 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 53437440 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libcef.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00049424 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_thread-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00048400 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_date_time-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00068504 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashRpt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00618256 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_regex-vc90-mt-1_39.dll
2016-06-09 10:28 - 2016-06-09 10:28 - 00544152 _____ () C:\Program Files (x86)\Audials\Audials 2016\StreamingClient.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00016144 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_system-vc90-mt-1_39.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00340992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\253112fb994d35639dccd8cfd4d8ea44\Utils.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00549888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\c2038fe4c76d7c29e7c8c678ce57ce9b\ManagedInterfaces.ni.dll
2016-08-14 01:26 - 2016-08-14 01:26 - 04721664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\0cbf997999fb8e51109670cf37d0e1f5\AudialsComponents.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00774144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\310fef0d63d899fee88ad0282663d230\RSControls.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00177664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\63dae86ea47483367bae63c22fd55c56\fastJSON.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\a68af5e6e5d69b9e255d6b41d82c7688\CrashHandlerNET.ni.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00040856 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashHandlerNET.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00683520 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01976832 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libglesv2.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00075264 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libegl.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\Acrotray.deu
2016-08-14 15:18 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-08-14 15:18 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-22 11:27 - 2016-06-22 11:27 - 00217008 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2016-07-02 21:30 - 2016-07-02 21:30 - 00376240 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll
2016-03-09 10:28 - 2016-03-09 10:28 - 00042416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2016-08-28 09:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-28 09:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-08-28 09:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-28 09:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-28 09:39 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2014-02-15 16:29 - 2014-02-15 16:29 - 01853440 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtCore.pyd
2014-02-15 16:25 - 2014-02-15 16:25 - 00110592 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pyside-python2.7.dll
2014-02-15 16:24 - 2014-02-15 16:24 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\shiboken-python2.7.dll
2014-02-15 16:47 - 2014-02-15 16:47 - 06947328 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtGui.pyd
2016-08-06 18:49 - 2015-03-27 18:24 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll
2016-08-06 18:49 - 2016-06-02 00:06 - 02226688 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll
2016-08-26 16:02 - 2016-08-26 16:02 - 01114136 _____ () C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\da9e.tmp:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre (1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\sdfree.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\SlimDrivers-setup.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.

IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-500\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 07:48 - 2016-08-28 09:46 - 00894386 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	localhost
127.0.0.1	local

Da befinden sich 29468 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2615813048-3284018108-3599952075-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B4E61C76-7673-488F-A116-49FCE5D5562C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1ACFA3B3-DFF8-4530-8B59-132842D75DD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C5918D25-ACC2-4745-BE52-06B22FAF943E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F5A95913-3636-4E67-89AB-D9161B718754}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E60F03FC-5F55-4EEA-A53B-C707E1158D5F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

26-08-2016 15:38:19 Geplanter Prüfpunkt
28-08-2016 09:55:31 Installed Oracle VM VirtualBox 5.0.20_Sirrix

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:40:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:39:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:38:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:38:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:37:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:37:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:37:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (08/28/2016 10:36:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.


Systemfehler:
=============
Error: (08/28/2016 09:33:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2016 09:33:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2016 09:33:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2016 09:32:58 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/28/2016 09:32:58 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/28/2016 09:32:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VSSERV erreicht.

Error: (08/28/2016 09:32:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: {CEFF45EE-C862-41DE-AEE2-A022C81EDA92}

Error: (08/28/2016 09:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2016 09:30:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2016 09:30:37 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 26538.31 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 25158.32 MB

==================== Laufwerke ================================

Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:73.91 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:103.29 GB) NTFS
Drive w: (web) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS
Drive x: (TV Recording) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS
Drive y: (Videos) (Network) (Total:3663.13 GB) (Free:3160.3 GB) NTFS
Drive z: (video) (Network) (Total:1829.25 GB) (Free:651.89 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 5B98F280)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________


Alt 30.08.2016, 08:09   #3
Deathkid535
/// Malwareteam
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus





Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Posten in CODE-Tags

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.


Los gehts!

Das erste FRST-Log ist nicht vollständig.

Spybot Search and Destroy würde ich jetzt nicht unbedingt empfehlen.



Schritt # 1: TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt # 2: Bitte Posten
  • Das Log von TDSS Killer
__________________
__________________

Alt 03.09.2016, 08:37   #4
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Lieber Dennis

Hier das Logfile von TSKILLER 1. Teil

Code:
ATTFilter
09:22:54.0268 0x6b784  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
09:22:54.0268 0x6b784  UEFI system
09:22:57.0309 0x6b784  ============================================================
09:22:57.0309 0x6b784  Current date / time: 2016/09/03 09:22:57.0309
09:22:57.0310 0x6b784  SystemInfo:
09:22:57.0310 0x6b784  
09:22:57.0310 0x6b784  OS Version: 10.0.14393 ServicePack: 0.0
09:22:57.0310 0x6b784  Product type: Workstation
09:22:57.0310 0x6b784  ComputerName: DESKTOP-GBIJB17
09:22:57.0310 0x6b784  UserName: admin
09:22:57.0311 0x6b784  Windows directory: C:\WINDOWS
09:22:57.0311 0x6b784  System windows directory: C:\WINDOWS
09:22:57.0311 0x6b784  Running under WOW64
09:22:57.0311 0x6b784  Processor architecture: Intel x64
09:22:57.0311 0x6b784  Number of processors: 8
09:22:57.0311 0x6b784  Page size: 0x1000
09:22:57.0311 0x6b784  Boot type: Normal boot
09:22:57.0311 0x6b784  CodeIntegrityOptions = 0x00000001
09:22:57.0311 0x6b784  ============================================================
09:22:57.0409 0x6b784  KLMD registered as C:\WINDOWS\system32\drivers\01324397.sys
09:22:57.0409 0x6b784  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.82, osProperties = 0x19
09:22:57.0555 0x6b784  System UUID: {002C4BDC-1A3F-BA68-F7C2-FC488927941E}
09:22:58.0029 0x6b784  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:22:58.0029 0x6b784  Drive \Device\Harddisk1\DR1 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:22:58.0065 0x6b784  ============================================================
09:22:58.0066 0x6b784  \Device\Harddisk0\DR0:
09:22:58.0066 0x6b784  GPT partitions:
09:22:58.0066 0x6b784  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0F8ADA34-56F9-4300-BCCB-BE087D1D0DFD}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
09:22:58.0066 0x6b784  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C1A65E69-8C24-4562-8C4B-6AE577730CB0}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
09:22:58.0066 0x6b784  MBR partitions:
09:22:58.0066 0x6b784  \Device\Harddisk1\DR1:
09:22:58.0066 0x6b784  GPT partitions:
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {22A35F56-058F-4F85-B0DA-971E23248B92}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {286A3D8A-EB66-4C20-B03D-4FD9622524A8}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E233DDD9-35E4-4C1B-B2C4-911C1F1BC446}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2196C8DD-49A6-40B0-8B17-2B54BC5B3E1E}, Name: , StartLBA 0x108800, BlocksNum 0x2F98AFFD
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {715E91B4-AC5E-4C79-B199-17AC748DE4A5}, Name: , StartLBA 0x2FA93800, BlocksNum 0xE1000
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {0FC63DAF-8483-4772-8E79-3D69D8477DE4}, UniqueGUID: {7588D454-8CF2-459A-9CD4-1E8A4D718B48}, Name: , StartLBA 0x2FB74800, BlocksNum 0x7E86000
09:22:58.0067 0x6b784  \Device\Harddisk1\DR1\Partition7: GPT, TypeGUID: {0657FD6D-A4AB-43C4-84E5-0933C84B4F4F}, UniqueGUID: {D978BBAB-B2AB-4C9F-BA9F-142148D03BCA}, Name: , StartLBA 0x379FA800, BlocksNum 0x3FE6800
09:22:58.0067 0x6b784  MBR partitions:
09:22:58.0067 0x6b784  ============================================================
09:22:58.0068 0x6b784  C: <-> \Device\Harddisk1\DR1\Partition4
09:22:58.0071 0x6b784  D: <-> \Device\Harddisk0\DR0\Partition2
09:22:58.0071 0x6b784  ============================================================
09:22:58.0071 0x6b784  Initialize success
09:22:58.0071 0x6b784  ============================================================
09:23:22.0934 0x6b560  ============================================================
09:23:22.0934 0x6b560  Scan started
09:23:22.0935 0x6b560  Mode: Manual; SigCheck; TDLFS; 
09:23:22.0935 0x6b560  ============================================================
09:23:22.0935 0x6b560  KSN ping started
09:23:22.0974 0x6b560  KSN ping finished: true
09:23:26.0345 0x6b560  ================ Scan system memory ========================
09:23:26.0346 0x6b560  System memory - ok
09:23:26.0346 0x6b560  ================ Scan services =============================
09:23:26.0376 0x6b560  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
09:23:26.0415 0x6b560  1394ohci - ok
09:23:26.0423 0x6b560  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
09:23:26.0435 0x6b560  3ware - ok
09:23:26.0449 0x6b560  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
09:23:26.0476 0x6b560  ACPI - ok
09:23:26.0480 0x6b560  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
09:23:26.0494 0x6b560  AcpiDev - ok
09:23:26.0500 0x6b560  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
09:23:26.0513 0x6b560  acpiex - ok
09:23:26.0517 0x6b560  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
09:23:26.0529 0x6b560  acpipagr - ok
09:23:26.0533 0x6b560  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
09:23:26.0547 0x6b560  AcpiPmi - ok
09:23:26.0551 0x6b560  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
09:23:26.0564 0x6b560  acpitime - ok
09:23:26.0592 0x6b560  [ 3B4FDD0E324492636F5E093A32718E8F, 971F5B42BDCA6BCFA3D36761F65C62625BDAF109812D819702AB8ACE811A99E5 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
09:23:26.0624 0x6b560  AcrSch2Svc - ok
09:23:26.0631 0x6b560  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:23:26.0639 0x6b560  AdobeARMservice - ok
09:23:26.0656 0x6b560  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:23:26.0669 0x6b560  AdobeFlashPlayerUpdateSvc - ok
09:23:26.0694 0x6b560  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:23:26.0728 0x6b560  ADP80XX - ok
09:23:26.0845 0x6b560  [ 276E1A64159AB954C8C0DE9E73028AF7, F305E2BF794AAAAB27607D052255646747BBF45AF89723816F440B5D72968E37 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
09:23:26.0971 0x6b560  afcdpsrv - ok
09:23:26.0990 0x6b560  [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD             C:\WINDOWS\system32\drivers\afd.sys
09:23:27.0012 0x6b560  AFD - ok
09:23:27.0056 0x6b560  [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
09:23:27.0102 0x6b560  AGSService - ok
09:23:27.0112 0x6b560  [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:23:27.0130 0x6b560  ahcache - ok
09:23:27.0134 0x6b560  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
09:23:27.0144 0x6b560  AJRouter - ok
09:23:27.0149 0x6b560  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
09:23:27.0164 0x6b560  ALG - ok
09:23:27.0174 0x6b560  [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
09:23:27.0192 0x6b560  AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
09:23:27.0225 0x6b560  Detect skipped due to KSN trusted
09:23:27.0225 0x6b560  AllShare Framework DMS - ok
09:23:27.0230 0x6b560  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
09:23:27.0244 0x6b560  AmdK8 - ok
09:23:27.0249 0x6b560  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
09:23:27.0263 0x6b560  AmdPPM - ok
09:23:27.0268 0x6b560  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
09:23:27.0278 0x6b560  amdsata - ok
09:23:27.0286 0x6b560  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
09:23:27.0304 0x6b560  amdsbs - ok
09:23:27.0308 0x6b560  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
09:23:27.0317 0x6b560  amdxata - ok
09:23:27.0339 0x6b560  [ 6AFF881E38E4C984131358A0F215401F, C26E5715E62BAED5FEA4EB0110975A3C9A235D93F0F3408D418BBCCFCFA36BCB ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
09:23:27.0373 0x6b560  AntiVirMailService - ok
09:23:27.0386 0x6b560  [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
09:23:27.0402 0x6b560  AntiVirSchedulerService - ok
09:23:27.0413 0x6b560  [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
09:23:27.0426 0x6b560  AntiVirService - ok
09:23:27.0454 0x6b560  [ DFAA497B31EB75657F90017D67588DB5, 022E02E5A663B622E07CA17498CEDCA568CE2F593569D6CD88831D5C2111F0EB ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
09:23:27.0489 0x6b560  AntiVirWebService - ok
09:23:27.0493 0x6b560  [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
09:23:27.0501 0x6b560  Apowersoft_AudioDevice - ok
09:23:27.0506 0x6b560  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
09:23:27.0520 0x6b560  AppID - ok
09:23:27.0526 0x6b560  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
09:23:27.0543 0x6b560  AppIDSvc - ok
09:23:27.0548 0x6b560  [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
09:23:27.0564 0x6b560  Appinfo - ok
09:23:27.0570 0x6b560  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:23:27.0577 0x6b560  Apple Mobile Device Service - ok
09:23:27.0580 0x6b560  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
09:23:27.0595 0x6b560  applockerfltr - ok
09:23:27.0602 0x6b560  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
09:23:27.0618 0x6b560  AppMgmt - ok
09:23:27.0630 0x6b560  [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
09:23:27.0663 0x6b560  AppReadiness - ok
09:23:27.0682 0x6b560  [ 1C37C4C7172DFF2B1824F063C4527E71, 9F3C3906CB71A8AD5C63F12A9CC2495BE062366E136D389FCBCF5F40AFA7DEAB ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
09:23:27.0708 0x6b560  AppVClient - ok
09:23:27.0713 0x6b560  [ FC51FBAF73621601693DA24262353DE3, 147A5F185724E76C7E4EC6FA829A0311773B6A77B8F0A7953C1E6073AD5F4F94 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
09:23:27.0726 0x6b560  AppvStrm - ok
09:23:27.0732 0x6b560  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
09:23:27.0743 0x6b560  AppvVemgr - ok
09:23:27.0749 0x6b560  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
09:23:27.0761 0x6b560  AppvVfs - ok
09:23:27.0804 0x6b560  [ 757646A22C2E9BC21E6A50842FE79139, 6AEBD3486F79C55154D677204D0CCB8179DAFC90941A743D277B44C1EED9DB12 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
09:23:27.0892 0x6b560  AppXSvc - ok
09:23:27.0900 0x6b560  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
09:23:27.0910 0x6b560  arcsas - ok
09:23:27.0914 0x6b560  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
09:23:27.0926 0x6b560  AsyncMac - ok
09:23:27.0929 0x6b560  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
09:23:27.0941 0x6b560  atapi - ok
09:23:27.0947 0x6b560  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
09:23:27.0954 0x6b560  AthBTPort - ok
09:23:27.0962 0x6b560  [ 18BDDA150B814F6EC8477499470F76CE, FD78EFC593288FE4F41ADBEBFF0DAB00C0DF0D3802BBD7B41DCCBFF8C5BF5525 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:23:27.0980 0x6b560  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:23:28.0013 0x6b560  Detect skipped due to KSN trusted
09:23:28.0013 0x6b560  AtherosSvc - ok
09:23:28.0087 0x6b560  [ 9E6592755C8A8C2C716FBC36D49D7D43, 51A86935971D2E62E8902769B503201C4FA69E08C822B66DBDDD3A42585BABE2 ] athr            C:\WINDOWS\System32\drivers\athw10x.sys
09:23:28.0178 0x6b560  athr - ok
09:23:28.0191 0x6b560  [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:23:28.0212 0x6b560  AudioEndpointBuilder - ok
09:23:28.0229 0x6b560  [ 57CEE51D9D84870F93D404302705A054, 14364B9798E9FE3F8A42109D749804795FA507C1A7D535DC17876ECCD47644E9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
09:23:28.0272 0x6b560  Audiosrv - ok
09:23:28.0279 0x6b560  [ AA0F13E719C3C527287AD87E9205F4D9, 818AB6B2B9AF0ABA28954A142527CE71C25CC24DDC64581EF7117CA88C6CF302 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:23:28.0287 0x6b560  avgntflt - ok
09:23:28.0294 0x6b560  [ 9039B209BA877AF088288DB83C18D3D8, 11EC0E195A735A7599C74DD25A00F86BD44AEBAE6C20D9A995DCEB252887679E ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:23:28.0304 0x6b560  avipbb - ok
09:23:28.0312 0x6b560  [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
09:23:28.0323 0x6b560  Avira.ServiceHost - ok
09:23:28.0331 0x6b560  [ 6F08E7D6AA35DD33EC1026A809D55166, 51D2C63319522CA96D61F9722DF4E4852176F39230A3A2DE96CECE5EE99D6629 ] AviraPhantomVPN C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
09:23:28.0341 0x6b560  AviraPhantomVPN - ok
09:23:28.0344 0x6b560  [ F830C969F1F1ACBBA8C862F9A196C7B3, F64DCC79EBD2272F08C1A25F205F9B1C92629943F089ECA4DFB3FC44D0961B9F ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
09:23:28.0352 0x6b560  AviraUpdaterService - ok
09:23:28.0356 0x6b560  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:23:28.0365 0x6b560  avkmgr - ok
09:23:28.0370 0x6b560  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
09:23:28.0377 0x6b560  avnetflt - ok
09:23:28.0382 0x6b560  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
09:23:28.0399 0x6b560  AxInstSV - ok
09:23:28.0411 0x6b560  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
09:23:28.0432 0x6b560  b06bdrv - ok
09:23:28.0436 0x6b560  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:23:28.0450 0x6b560  BasicDisplay - ok
09:23:28.0453 0x6b560  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
09:23:28.0465 0x6b560  BasicRender - ok
09:23:28.0470 0x6b560  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
09:23:28.0481 0x6b560  bcmfn - ok
09:23:28.0485 0x6b560  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
09:23:28.0496 0x6b560  bcmfn2 - ok
09:23:28.0505 0x6b560  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
09:23:28.0529 0x6b560  BDESVC - ok
09:23:28.0533 0x6b560  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
09:23:28.0546 0x6b560  Beep - ok
09:23:28.0562 0x6b560  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
09:23:28.0600 0x6b560  BFE - ok
09:23:28.0617 0x6b560  [ DEEDB9C7504B423FFA3AEFF986A687B0, 96E7F43D0A18AEF6C7FEACCE0D26AD49B47C0DF90B9D9503F567D782777977BD ] BitBoxService   C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
09:23:28.0643 0x6b560  BitBoxService - detected UnsignedFile.Multi.Generic ( 1 )
09:23:28.0681 0x6b560  Detect skipped due to KSN trusted
09:23:28.0681 0x6b560  BitBoxService - ok
09:23:28.0702 0x6b560  [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS            C:\WINDOWS\System32\qmgr.dll
09:23:28.0748 0x6b560  BITS - ok
09:23:28.0761 0x6b560  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:23:28.0773 0x6b560  Bonjour Service - ok
09:23:28.0779 0x6b560  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
09:23:28.0792 0x6b560  bowser - ok
09:23:28.0810 0x6b560  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:23:28.0843 0x6b560  BrokerInfrastructure - ok
09:23:28.0850 0x6b560  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
09:23:28.0865 0x6b560  Browser - ok
09:23:28.0875 0x6b560  [ 4DCAF7A846AAABA6D3565F827A917576, 543D6436283C315103BDE557794A740D61A3BEA773D8CD413143F801E94955B9 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
09:23:28.0886 0x6b560  BTATH_A2DP - ok
09:23:28.0891 0x6b560  [ 1D175D11CEC6B7D4C53CBA1CFFC126E8, 38170E4616140CF68D8C59EC4D478E5AF76642A3CA00E4DB7EB019AD23147051 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
09:23:28.0898 0x6b560  btath_avdt - ok
09:23:28.0902 0x6b560  [ 32507307D899CDCA4173F210BC70A796, DFA643BEB06C672EDBDB4333040CE49A31E82EA026D5ACCACBD9ABBED11BF8CA ] BTATH_BUS       C:\WINDOWS\system32\drivers\btath_bus.sys
09:23:28.0913 0x6b560  BTATH_BUS - ok
09:23:28.0919 0x6b560  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
09:23:28.0928 0x6b560  BTATH_HCRP - ok
09:23:28.0932 0x6b560  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
09:23:28.0938 0x6b560  BTATH_LWFLT - ok
09:23:28.0943 0x6b560  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
09:23:28.0951 0x6b560  BTATH_RCP - ok
09:23:28.0965 0x6b560  [ CD5B031E0A313CCFF6DCF54E9F732FF7, FD07B233943902E3A10EAEF1D76C703E8365A9CD60C60BB4786F85E8663560FA ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
09:23:28.0986 0x6b560  BtFilter - ok
09:23:28.0991 0x6b560  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:23:29.0002 0x6b560  BthAvrcpTg - ok
09:23:29.0008 0x6b560  [ FF218FBB511B733F8A6829FB17CA972D, 05BB1C3BFE189549E78A02C5C0C0C832C248680668D821F92FE7B6B39DC111A0 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
09:23:29.0021 0x6b560  BthEnum - ok
09:23:29.0025 0x6b560  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
09:23:29.0039 0x6b560  BthHFEnum - ok
09:23:29.0042 0x6b560  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
09:23:29.0054 0x6b560  bthhfhid - ok
09:23:29.0062 0x6b560  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
09:23:29.0083 0x6b560  BthHFSrv - ok
09:23:29.0090 0x6b560  [ 8EDA0733FF6266C2FB26BCE0B4AA8B15, F60BE5630EE714B718233933DC6101130DF672A01F99C7389D0708BC00E8D5DF ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
09:23:29.0110 0x6b560  BthLEEnum - ok
09:23:29.0114 0x6b560  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
09:23:29.0126 0x6b560  BTHMODEM - ok
09:23:29.0132 0x6b560  [ D2A121586B660311B09964D2A6DDF864, 539953D953D40014366918BB38FADD3F21417EF8ADA532E1ABD1824949B952D4 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
09:23:29.0145 0x6b560  BthPan - ok
09:23:29.0166 0x6b560  [ E465D7F6F3E4CA9F0E5FB6FD346F2F3D, 8F01051202903E8E16A6AE42B3F5F900C4D0B021311AE44225E8D11BE48DB129 ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
09:23:29.0204 0x6b560  BTHPORT - ok
09:23:29.0212 0x6b560  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
09:23:29.0226 0x6b560  bthserv - ok
09:23:29.0231 0x6b560  [ 7E844E3B520CA7873674D36286BC380F, 8B2A079B59625754D4CDFC486FC606B036B063DB382F6449A0CB69C5675F7A8A ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
09:23:29.0244 0x6b560  BTHUSB - ok
09:23:29.0249 0x6b560  [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum         C:\WINDOWS\System32\drivers\busenum.sys
09:23:29.0256 0x6b560  busenum - ok
09:23:29.0259 0x6b560  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:23:29.0271 0x6b560  buttonconverter - ok
09:23:29.0277 0x6b560  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
09:23:29.0292 0x6b560  CapImg - ok
09:23:29.0296 0x6b560  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:23:29.0310 0x6b560  cdfs - ok
09:23:29.0320 0x6b560  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
09:23:29.0349 0x6b560  CDPSvc - ok
09:23:29.0358 0x6b560  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
09:23:29.0380 0x6b560  CDPUserSvc - ok
09:23:29.0388 0x6b560  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
09:23:29.0405 0x6b560  cdrom - ok
09:23:29.0412 0x6b560  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
09:23:29.0433 0x6b560  CertPropSvc - ok
09:23:29.0437 0x6b560  [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
09:23:29.0445 0x6b560  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
09:23:29.0546 0x6b560  chip1click ( UnsignedFile.Multi.Generic ) - warning
09:23:29.0638 0x6b560  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
09:23:29.0656 0x6b560  cht4iscsi - ok
09:23:29.0696 0x6b560  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
09:23:29.0749 0x6b560  cht4vbd - ok
09:23:29.0756 0x6b560  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
09:23:29.0768 0x6b560  circlass - ok
09:23:29.0776 0x6b560  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
09:23:29.0794 0x6b560  CLFS - ok
09:23:29.0811 0x6b560  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
09:23:29.0837 0x6b560  ClipSVC - ok
09:23:29.0845 0x6b560  [ 6DAB146CFE7B5EE2A691F1139AD570E6, 9D252E7A3906F28A197A1F4243D59DA82FE51F526F39C55635D9BBE30AB5191A ] Cloud Station Backup VSS Service x64 C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
09:23:29.0857 0x6b560  Cloud Station Backup VSS Service x64 - ok
09:23:29.0865 0x6b560  [ 45D908483D6BDE0B618E0351EBB29973, 2B8F884663C8AB07F0CAE606C8BC3DEC9D961AC1EE1B78E7832CCF6164C431EF ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
09:23:29.0875 0x6b560  Cloud Station Drive VSS Service x64 - ok
09:23:29.0880 0x6b560  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
09:23:29.0894 0x6b560  clreg - ok
09:23:29.0905 0x6b560  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
09:23:29.0918 0x6b560  CmBatt - ok
09:23:29.0931 0x6b560  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
09:23:29.0955 0x6b560  CNG - ok
09:23:29.0959 0x6b560  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:23:29.0969 0x6b560  cnghwassist - ok
09:23:29.0979 0x6b560  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
09:23:29.0990 0x6b560  CompositeBus - ok
09:23:29.0993 0x6b560  COMSysApp - ok
09:23:29.0997 0x6b560  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
09:23:30.0008 0x6b560  condrv - ok
09:23:30.0023 0x6b560  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:23:30.0050 0x6b560  CoreMessagingRegistrar - ok
09:23:30.0058 0x6b560  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
09:23:30.0078 0x6b560  CryptSvc - ok
09:23:30.0091 0x6b560  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
09:23:30.0121 0x6b560  CSC - ok
09:23:30.0136 0x6b560  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
09:23:30.0168 0x6b560  CscService - ok
09:23:30.0173 0x6b560  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
09:23:30.0182 0x6b560  dam - ok
09:23:30.0202 0x6b560  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
09:23:30.0244 0x6b560  DcomLaunch - ok
09:23:30.0251 0x6b560  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
09:23:30.0272 0x6b560  DcpSvc - ok
09:23:30.0285 0x6b560  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
09:23:30.0315 0x6b560  defragsvc - ok
09:23:30.0327 0x6b560  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:23:30.0352 0x6b560  DeviceAssociationService - ok
09:23:30.0357 0x6b560  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
09:23:30.0380 0x6b560  DeviceInstall - ok
09:23:30.0384 0x6b560  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
09:23:30.0396 0x6b560  DevQueryBroker - ok
09:23:30.0402 0x6b560  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
09:23:30.0416 0x6b560  Dfsc - ok
09:23:30.0429 0x6b560  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
09:23:30.0452 0x6b560  Dhcp - ok
09:23:30.0457 0x6b560  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:23:30.0474 0x6b560  diagnosticshub.standardcollector.service - ok
09:23:30.0509 0x6b560  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
09:23:30.0586 0x6b560  DiagTrack - ok
09:23:30.0598 0x6b560  [ BB5B80616BD01A9C59BF1D52BA238EDA, 8168F38127EC955B25AD4EF61081D86473E4959F797F68055E6210080EFEFF9F ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
09:23:30.0611 0x6b560  DigitalWave.Update.Service - ok
09:23:30.0621 0x6b560  [ 861BF9D0F3B7AD653D514F32A0496DAD, 964C20FEA1619BB73E8D764EE35831B21C5010490F46BA739AB0F9C1ACDADDDC ] Disconnect Desktop Updater C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe
09:23:30.0635 0x6b560  Disconnect Desktop Updater - ok
09:23:30.0644 0x6b560  [ 5044AC5503227F576AA6EFD01BBCBDF8, 56D7ACFB9B2A3DCBE10A94EB10A4D55EBBECA1A5888A0546460AC2F383E20337 ] disconnect-openvpn C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe
09:23:30.0655 0x6b560  disconnect-openvpn - ok
09:23:30.0660 0x6b560  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
09:23:30.0670 0x6b560  disk - ok
09:23:30.0679 0x6b560  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:23:30.0709 0x6b560  DmEnrollmentSvc - ok
09:23:30.0714 0x6b560  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
09:23:30.0724 0x6b560  dmvsc - ok
09:23:30.0729 0x6b560  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:23:30.0748 0x6b560  dmwappushservice - ok
09:23:30.0756 0x6b560  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
09:23:30.0781 0x6b560  Dnscache - ok
09:23:30.0790 0x6b560  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
09:23:30.0808 0x6b560  dot3svc - ok
09:23:30.0814 0x6b560  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
09:23:30.0828 0x6b560  DPS - ok
09:23:30.0832 0x6b560  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:23:30.0840 0x6b560  drmkaud - ok
09:23:30.0847 0x6b560  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
09:23:30.0864 0x6b560  DsmSvc - ok
09:23:30.0870 0x6b560  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
09:23:30.0889 0x6b560  DsSvc - ok
09:23:30.0893 0x6b560  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
09:23:30.0901 0x6b560  dtlitescsibus - ok
09:23:30.0905 0x6b560  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\WINDOWS\System32\drivers\dtliteusbbus.sys
09:23:30.0913 0x6b560  dtliteusbbus - ok
09:23:30.0954 0x6b560  [ A90C76FB62526DEB5A5557A8839841AB, 939BDA8A4F73E834A319D45C97B0892B0A44886A9191BA20D1121622BAE413FA ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:23:31.0014 0x6b560  DXGKrnl - ok
09:23:31.0022 0x6b560  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
09:23:31.0040 0x6b560  EapHost - ok
09:23:31.0096 0x6b560  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
09:23:31.0187 0x6b560  ebdrv - ok
09:23:31.0194 0x6b560  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
09:23:31.0210 0x6b560  EFS - ok
09:23:31.0215 0x6b560  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
09:23:31.0224 0x6b560  EhStorClass - ok
09:23:31.0230 0x6b560  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:23:31.0240 0x6b560  EhStorTcgDrv - ok
09:23:31.0246 0x6b560  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
09:23:31.0265 0x6b560  embeddedmode - ok
09:23:31.0274 0x6b560  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:23:31.0301 0x6b560  EntAppSvc - ok
09:23:31.0304 0x6b560  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
09:23:31.0314 0x6b560  ErrDev - ok
09:23:31.0327 0x6b560  [ D7F2456FD9FD5EE822E14CA7144A3C04, 463720792F1C36762DC083B5E622F5AF55B2ECE684AFC229555D9A55290ACB06 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
09:23:31.0345 0x6b560  ETD - ok
09:23:31.0357 0x6b560  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
09:23:31.0385 0x6b560  EventSystem - ok
09:23:31.0394 0x6b560  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
09:23:31.0420 0x6b560  exfat - ok
09:23:31.0429 0x6b560  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
09:23:31.0454 0x6b560  fastfat - ok
09:23:31.0469 0x6b560  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
09:23:31.0506 0x6b560  Fax - ok
09:23:31.0510 0x6b560  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
09:23:31.0521 0x6b560  fdc - ok
09:23:31.0525 0x6b560  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
09:23:31.0541 0x6b560  fdPHost - ok
09:23:31.0545 0x6b560  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
09:23:31.0559 0x6b560  FDResPub - ok
09:23:31.0564 0x6b560  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
09:23:31.0582 0x6b560  fhsvc - ok
09:23:31.0587 0x6b560  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
09:23:31.0601 0x6b560  FileCrypt - ok
09:23:31.0605 0x6b560  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
09:23:31.0615 0x6b560  FileInfo - ok
09:23:31.0619 0x6b560  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
09:23:31.0633 0x6b560  Filetrace - ok
09:23:31.0642 0x6b560  [ 14096194A0FDD9D4110760C507D37BC3, 2BBB8104E32C38A5EF175267A7BC89A948443D4D1F3F52EEFC7C9ED15727F4CD ] file_tracker    C:\WINDOWS\system32\DRIVERS\file_tracker.sys
09:23:31.0655 0x6b560  file_tracker - ok
09:23:31.0658 0x6b560  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
09:23:31.0671 0x6b560  flpydisk - ok
09:23:31.0680 0x6b560  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
09:23:31.0696 0x6b560  FltMgr - ok
09:23:31.0703 0x6b560  [ 66FAC908C2342B1348745DC438A149CE, C66372966EEA40470489DE8995A51F388015007292566DF840B265123F84111C ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
09:23:31.0713 0x6b560  fltsrv - ok
09:23:31.0746 0x6b560  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
09:23:31.0810 0x6b560  FontCache - ok
09:23:31.0816 0x6b560  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:23:31.0830 0x6b560  FontCache3.0.0.0 - ok
09:23:31.0848 0x6b560  [ B6848AE7BF5BD5182075D948DF7588DC, 0245D35CA48451D0743347338EE2E8E8AB6C6FD8ABE0B91E7FE2830714D30BE0 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
09:23:31.0883 0x6b560  FrameServer - ok
09:23:31.0889 0x6b560  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
09:23:31.0900 0x6b560  FsDepends - ok
09:23:31.0903 0x6b560  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:23:31.0915 0x6b560  Fs_Rec - ok
09:23:31.0928 0x6b560  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:23:31.0952 0x6b560  fvevol - ok
09:23:31.0957 0x6b560  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
09:23:31.0968 0x6b560  gencounter - ok
09:23:31.0972 0x6b560  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
09:23:31.0984 0x6b560  genericusbfn - ok
09:23:31.0989 0x6b560  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:23:32.0001 0x6b560  GPIOClx0101 - ok
09:23:32.0027 0x6b560  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
09:23:32.0085 0x6b560  gpsvc - ok
09:23:32.0089 0x6b560  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:23:32.0102 0x6b560  GpuEnergyDrv - ok
09:23:32.0107 0x6b560  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:23:32.0116 0x6b560  gupdate - ok
09:23:32.0121 0x6b560  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:23:32.0129 0x6b560  gupdatem - ok
09:23:32.0134 0x6b560  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
09:23:32.0147 0x6b560  HDAudBus - ok
09:23:32.0151 0x6b560  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
09:23:32.0159 0x6b560  HidBatt - ok
09:23:32.0164 0x6b560  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
09:23:32.0176 0x6b560  HidBth - ok
09:23:32.0180 0x6b560  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
09:23:32.0192 0x6b560  hidi2c - ok
09:23:32.0196 0x6b560  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:23:32.0207 0x6b560  hidinterrupt - ok
09:23:32.0210 0x6b560  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
09:23:32.0224 0x6b560  HidIr - ok
09:23:32.0228 0x6b560  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
09:23:32.0240 0x6b560  hidserv - ok
09:23:32.0243 0x6b560  [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
09:23:32.0251 0x6b560  HIDSwitch - ok
09:23:32.0255 0x6b560  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
09:23:32.0267 0x6b560  HidUsb - ok
09:23:32.0274 0x6b560  [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:23:32.0295 0x6b560  HomeGroupListener - ok
09:23:32.0306 0x6b560  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:23:32.0333 0x6b560  HomeGroupProvider - ok
09:23:32.0338 0x6b560  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
09:23:32.0347 0x6b560  HpSAMD - ok
09:23:32.0350 0x6b560  [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
09:23:32.0360 0x6b560  HPSupportSolutionsFrameworkService - ok
09:23:32.0379 0x6b560  [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
09:23:32.0412 0x6b560  HTTP - ok
09:23:32.0417 0x6b560  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
09:23:32.0429 0x6b560  HvHost - ok
09:23:32.0433 0x6b560  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
09:23:32.0442 0x6b560  hvservice - ok
09:23:32.0446 0x6b560  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
09:23:32.0456 0x6b560  hwpolicy - ok
09:23:32.0459 0x6b560  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
09:23:32.0473 0x6b560  hyperkbd - ok
09:23:32.0477 0x6b560  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
09:23:32.0492 0x6b560  i8042prt - ok
09:23:32.0495 0x6b560  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
09:23:32.0506 0x6b560  iagpio - ok
09:23:32.0511 0x6b560  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
09:23:32.0524 0x6b560  iai2c - ok
09:23:32.0528 0x6b560  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
09:23:32.0543 0x6b560  iaLPSS2i_GPIO2 - ok
09:23:32.0550 0x6b560  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:23:32.0561 0x6b560  iaLPSS2i_I2C - ok
09:23:32.0566 0x6b560  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:23:32.0574 0x6b560  iaLPSSi_GPIO - ok
09:23:32.0581 0x6b560  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:23:32.0599 0x6b560  iaLPSSi_I2C - ok
09:23:32.0629 0x6b560  [ FC44D4507741936BBBF0F8FFD1C8EEA1, 87B34F2E865A89CD455AD055E5C78B2BA332BE9F81336CE9AB08F4DDF5C4C743 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
09:23:32.0669 0x6b560  iaStorA - ok
09:23:32.0686 0x6b560  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
09:23:32.0712 0x6b560  iaStorAV - ok
09:23:32.0724 0x6b560  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
09:23:32.0745 0x6b560  iaStorV - ok
09:23:32.0757 0x6b560  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
09:23:32.0777 0x6b560  ibbus - ok
09:23:32.0781 0x6b560  [ 231ADCE77616144B8E3D29707B282C82, D2429E0CAABE3E3A50D62DEC6C9F8D13AC8786EB57D9075489425E623EC84165 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
09:23:32.0790 0x6b560  ICCWDT - ok
09:23:32.0797 0x6b560  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
09:23:32.0814 0x6b560  icssvc - ok
09:23:32.0833 0x6b560  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
09:23:32.0872 0x6b560  IKEEXT - ok
09:23:32.0876 0x6b560  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
09:23:32.0890 0x6b560  IndirectKmd - ok
09:23:32.0988 0x6b560  [ 9FCA186B88991BFD1BBBBC53059DC615, 91A1A13F0D3B64CD1961B558C3C4E6108719CB59ABFB21EBA2C5091C34E01C82 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:23:33.0088 0x6b560  IntcAzAudAddService - ok
09:23:33.0098 0x6b560  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
09:23:33.0108 0x6b560  intelide - ok
09:23:33.0111 0x6b560  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
09:23:33.0124 0x6b560  intelpep - ok
09:23:33.0129 0x6b560  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
09:23:33.0144 0x6b560  intelppm - ok
09:23:33.0148 0x6b560  [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
09:23:33.0157 0x6b560  iorate - ok
09:23:33.0162 0x6b560  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:23:33.0174 0x6b560  IpFilterDriver - ok
09:23:33.0193 0x6b560  [ 89548E57FD0A7BC703541C69C0286B13, 261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
09:23:33.0239 0x6b560  iphlpsvc - ok
09:23:33.0244 0x6b560  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:23:33.0254 0x6b560  IPMIDRV - ok
09:23:33.0261 0x6b560  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
09:23:33.0276 0x6b560  IPNAT - ok
09:23:33.0290 0x6b560  [ EECB45F889E99174DA56FBDF37962D25, 12B407C45C9D0396FF3B5B118A863CBDEE0867034AE365F4CF5A8F66A4DB2003 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:23:33.0306 0x6b560  iPod Service - ok
09:23:33.0312 0x6b560  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
09:23:33.0328 0x6b560  irda - ok
09:23:33.0332 0x6b560  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
09:23:33.0342 0x6b560  IRENUM - ok
09:23:33.0346 0x6b560  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
09:23:33.0360 0x6b560  irmon - ok
09:23:33.0364 0x6b560  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
09:23:33.0372 0x6b560  isapnp - ok
09:23:33.0380 0x6b560  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
09:23:33.0396 0x6b560  iScsiPrt - ok
09:23:33.0400 0x6b560  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
09:23:33.0409 0x6b560  kbdclass - ok
09:23:33.0414 0x6b560  [ 2D05785B0C58D90A34EA15032EADBBA9, 3E1238FF7F6ECA522761830FE7EA7587B704FCB3ECE8C6BF94CC17A640B678ED ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
09:23:33.0426 0x6b560  kbdhid - ok
09:23:33.0430 0x6b560  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
09:23:33.0445 0x6b560  kdnic - ok
09:23:33.0449 0x6b560  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] KeyIso          C:\WINDOWS\system32\lsass.exe
09:23:33.0463 0x6b560  KeyIso - ok
09:23:33.0469 0x6b560  [ 9FA1B5D84F596F0664F0465F302044DC, 47B41D3D6119B5B20C83AF84D315C4AB40B5534D687736A8B67BD985A3B232C1 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
09:23:33.0480 0x6b560  KSecDD - ok
09:23:33.0486 0x6b560  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:23:33.0498 0x6b560  KSecPkg - ok
09:23:33.0501 0x6b560  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
09:23:33.0520 0x6b560  ksthunk - ok
09:23:33.0531 0x6b560  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
09:23:33.0559 0x6b560  KtmRm - ok
09:23:33.0564 0x6b560  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
09:23:33.0571 0x6b560  L1C - ok
09:23:33.0580 0x6b560  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
09:23:33.0603 0x6b560  LanmanServer - ok
09:23:33.0611 0x6b560  [ 752FE77F22592016A5EBBF399EC12E14, 231CF3E069FF64A4E8C81D0799A73924D864585B25382EFF8D1707F87747AC9E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:23:33.0632 0x6b560  LanmanWorkstation - ok
09:23:33.0638 0x6b560  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
09:23:33.0649 0x6b560  lfsvc - ok
09:23:33.0653 0x6b560  [ F2E1302599E445F3E1A305123A92A8BC, 162D5C8045463931E8465544144F11567AA0F246AEAC3828A13284C283F01633 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
09:23:33.0666 0x6b560  LicenseManager - ok
09:23:33.0669 0x6b560  [ 2223D781B2D1E16219C250520CE39C9F, 1EF801C20E52E0687E42BDB3E8822A76720061986C14BFB7C4DB99E522DBF806 ] LiveTuner2PM    C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys
09:23:33.0675 0x6b560  LiveTuner2PM - ok
09:23:33.0680 0x6b560  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
09:23:33.0691 0x6b560  lltdio - ok
09:23:33.0699 0x6b560  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
09:23:33.0724 0x6b560  lltdsvc - ok
09:23:33.0729 0x6b560  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
09:23:33.0742 0x6b560  lmhosts - ok
09:23:33.0748 0x6b560  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
09:23:33.0759 0x6b560  LSI_SAS - ok
09:23:33.0764 0x6b560  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
09:23:33.0775 0x6b560  LSI_SAS2i - ok
09:23:33.0780 0x6b560  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
09:23:33.0791 0x6b560  LSI_SAS3i - ok
09:23:33.0796 0x6b560  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
09:23:33.0806 0x6b560  LSI_SSS - ok
09:23:33.0820 0x6b560  [ 5570D03E2048AC7961BEF6FFEE3A2CA5, FD0232312D87015FA0B8062FA175A44410F8C1C9778145CCDD57BA1C23929C87 ] LSM             C:\WINDOWS\System32\lsm.dll
09:23:33.0849 0x6b560  LSM - ok
09:23:33.0855 0x6b560  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
09:23:33.0873 0x6b560  luafv - ok
09:23:34.0009 0x6b560  [ 3B08ABBD49CFA32A914F9A45A98CF8DC, 3AE9BC6441C9409A984AFFA36152F31A3608313D5F708106DEA7EEBB5B924679 ] m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe
09:23:34.0185 0x6b560  m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E - ok
09:23:34.0198 0x6b560  [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam         C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
09:23:34.0206 0x6b560  ManyCam - ok
09:23:34.0218 0x6b560  [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe
09:23:34.0241 0x6b560  ManyCam Service - ok
09:23:34.0245 0x6b560  [ 6D4111E1852A9F0BFC07BB69F3141841, 9BFF4517F26F1E9DF4DA6633B542EAA20A698B9397D2ED73134E7AEF306FBB15 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
09:23:34.0258 0x6b560  MapsBroker - ok
09:23:34.0261 0x6b560  MBAMSwissArmy - ok
09:23:34.0266 0x6b560  [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple  C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
09:23:34.0271 0x6b560  mcaudrv_simple - ok
09:23:34.0275 0x6b560  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
09:23:34.0284 0x6b560  megasas - ok
09:23:34.0296 0x6b560  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
09:23:34.0316 0x6b560  megasr - ok
09:23:34.0323 0x6b560  [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
09:23:34.0337 0x6b560  MEIx64 - ok
09:23:34.0342 0x6b560  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
09:23:34.0355 0x6b560  MessagingService - ok
09:23:34.0372 0x6b560  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
09:23:34.0399 0x6b560  mlx4_bus - ok
09:23:34.0404 0x6b560  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
09:23:34.0415 0x6b560  MMCSS - ok
09:23:34.0493 0x6b560  [ DA4AFC1A1C967028A58D1F5528B3E50D, 3B688ED26031520CFDE619B17E431112A3B2D7034A5E990A20A9E22356223695 ] mmsminisrv      C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
09:23:34.0588 0x6b560  mmsminisrv - ok
09:23:34.0718 0x6b560  [ 759CF9A706BD7E68E4FD0D387535DC5C, A9B5065E33A074C8780CEB1AA5B20F8FC9A2443D38709869995D2F8EBF8549E1 ] mobile_backup_server C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
09:23:34.0874 0x6b560  mobile_backup_server - ok
09:23:34.0911 0x6b560  [ 34579C215DABFDEA96A8C1812D933CDE, CFCE4EED8ED6F4A37346E139986EFB99AF11408256E0BC65C09678A0CD73F021 ] mobile_backup_status_server C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
09:23:34.0944 0x6b560  mobile_backup_status_server - ok
09:23:34.0949 0x6b560  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
09:23:34.0962 0x6b560  Modem - ok
09:23:34.0965 0x6b560  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
09:23:34.0975 0x6b560  monitor - ok
09:23:34.0980 0x6b560  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
09:23:34.0989 0x6b560  mouclass - ok
09:23:34.0993 0x6b560  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
09:23:35.0004 0x6b560  mouhid - ok
09:23:35.0009 0x6b560  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
09:23:35.0019 0x6b560  mountmgr - ok
09:23:35.0024 0x6b560  [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:23:35.0032 0x6b560  MozillaMaintenance - ok
09:23:35.0037 0x6b560  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
09:23:35.0052 0x6b560  mpsdrv - ok
09:23:35.0068 0x6b560  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
09:23:35.0106 0x6b560  MpsSvc - ok
09:23:35.0114 0x6b560  [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
09:23:35.0133 0x6b560  MRxDAV - ok
09:23:35.0145 0x6b560  [ 4D5F17C23D25B5BDF7EB35A54F483C9B, 1A0AFB4151F8D5CB164A53A7851C618F3E4C1A4FF411BC8B0B6402124C311E03 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:23:35.0164 0x6b560  mrxsmb - ok
09:23:35.0172 0x6b560  [ 8F58AEAE00B39AC9AD93755E777B19D8, 335E4D9E9E81609BEAFA08376EE29C35DA6A1839FAFC37399B9066F03BFFFBC1 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:23:35.0191 0x6b560  mrxsmb10 - ok
09:23:35.0198 0x6b560  [ FC501F50E6214AF38D4B22220537187A, DACF1A76F98DDCB7F385BBDE2B522A23C32C9838B9CA5CECC9550BD9443DAEED ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:23:35.0213 0x6b560  mrxsmb20 - ok
09:23:35.0218 0x6b560  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
09:23:35.0232 0x6b560  MsBridge - ok
09:23:35.0238 0x6b560  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
09:23:35.0262 0x6b560  MSDTC - ok
09:23:35.0269 0x6b560  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:23:35.0288 0x6b560  Msfs - ok
09:23:35.0292 0x6b560  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:23:35.0305 0x6b560  msgpiowin32 - ok
09:23:35.0308 0x6b560  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:23:35.0320 0x6b560  mshidkmdf - ok
09:23:35.0324 0x6b560  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
09:23:35.0335 0x6b560  mshidumdf - ok
09:23:35.0339 0x6b560  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
09:23:35.0348 0x6b560  msisadrv - ok
09:23:35.0354 0x6b560  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
09:23:35.0376 0x6b560  MSiSCSI - ok
         

Alt 03.09.2016, 08:39   #5
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Log File TSKiller 2. Teil

Code:
ATTFilter
09:23:35.0379 0x6b560  msiserver - ok
09:23:35.0383 0x6b560  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
09:23:35.0400 0x6b560  MSKSSRV - ok
09:23:35.0405 0x6b560  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
09:23:35.0418 0x6b560  MsLldp - ok
09:23:35.0422 0x6b560  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
09:23:35.0438 0x6b560  MSPCLOCK - ok
09:23:35.0441 0x6b560  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
09:23:35.0461 0x6b560  MSPQM - ok
09:23:35.0470 0x6b560  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
09:23:35.0497 0x6b560  MsRPC - ok
09:23:35.0506 0x6b560  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
09:23:35.0519 0x6b560  MsSecFlt - ok
09:23:35.0523 0x6b560  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
09:23:35.0534 0x6b560  mssmbios - ok
09:23:35.0538 0x6b560  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
09:23:35.0558 0x6b560  MSTEE - ok
09:23:35.0562 0x6b560  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
09:23:35.0578 0x6b560  MTConfig - ok
09:23:35.0585 0x6b560  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
09:23:35.0598 0x6b560  Mup - ok
09:23:35.0603 0x6b560  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
09:23:35.0614 0x6b560  mvumis - ok
09:23:35.0630 0x6b560  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:23:35.0663 0x6b560  NativeWifiP - ok
09:23:35.0682 0x6b560  [ 4DF6F43F761A600208F90A55D05F9B7E, AC93B4497FB428F7EC42DCF5956A2A61B951394E555BF6C89E55943E0B681586 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
09:23:35.0707 0x6b560  NAUpdate - ok
09:23:35.0715 0x6b560  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
09:23:35.0735 0x6b560  NcaSvc - ok
09:23:35.0744 0x6b560  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
09:23:35.0764 0x6b560  NcbService - ok
09:23:35.0769 0x6b560  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
09:23:35.0790 0x6b560  NcdAutoSetup - ok
09:23:35.0794 0x6b560  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
09:23:35.0804 0x6b560  ndfltr - ok
09:23:35.0827 0x6b560  [ 36DD2C614720EC2970CB5E870BA69D8D, 692BDA4201119E0561E17E7E1A72320DBECDE3F8E4E65FBEA1B2C1128E16508B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
09:23:35.0860 0x6b560  NDIS - ok
09:23:35.0866 0x6b560  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
09:23:35.0878 0x6b560  NdisCap - ok
09:23:35.0884 0x6b560  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:23:35.0904 0x6b560  NdisImPlatform - ok
09:23:35.0908 0x6b560  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:23:35.0924 0x6b560  NdisTapi - ok
09:23:35.0929 0x6b560  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
09:23:35.0941 0x6b560  Ndisuio - ok
09:23:35.0946 0x6b560  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:23:35.0961 0x6b560  NdisVirtualBus - ok
09:23:35.0967 0x6b560  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
09:23:35.0993 0x6b560  NdisWan - ok
09:23:36.0006 0x6b560  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:23:36.0036 0x6b560  ndiswanlegacy - ok
09:23:36.0040 0x6b560  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:23:36.0061 0x6b560  ndproxy - ok
09:23:36.0067 0x6b560  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
09:23:36.0087 0x6b560  Ndu - ok
09:23:36.0091 0x6b560  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
09:23:36.0103 0x6b560  Netaapl - ok
09:23:36.0108 0x6b560  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
09:23:36.0121 0x6b560  NetAdapterCx - ok
09:23:36.0125 0x6b560  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
09:23:36.0137 0x6b560  NetBIOS - ok
09:23:36.0145 0x6b560  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
09:23:36.0162 0x6b560  NetBT - ok
09:23:36.0166 0x6b560  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:23:36.0176 0x6b560  Netlogon - ok
09:23:36.0183 0x6b560  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
09:23:36.0205 0x6b560  Netman - ok
09:23:36.0219 0x6b560  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
09:23:36.0245 0x6b560  netprofm - ok
09:23:36.0253 0x6b560  [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
09:23:36.0273 0x6b560  NetSetupSvc - ok
09:23:36.0279 0x6b560  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:23:36.0295 0x6b560  NetTcpPortSharing - ok
09:23:36.0306 0x6b560  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
09:23:36.0327 0x6b560  NgcCtnrSvc - ok
09:23:36.0350 0x6b560  [ 2EC2F2E4C88BA9B72D1F6B92234BCD53, 4DC98EBE5A3B34ED654017F076F457970D3FBF749DC54A6533DAABDE85A7C4FE ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
09:23:36.0394 0x6b560  NgcSvc - ok
09:23:36.0404 0x6b560  [ 0B5083278F195C26FE9E0140AEAEDCBE, B4D505963D5EBA14EC80E6D0BB8B862D96D1D1C3A57F4744AEBA3FF4BFB1997A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
09:23:36.0433 0x6b560  NlaSvc - ok
09:23:36.0436 0x6b560  NPF - ok
09:23:36.0441 0x6b560  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
09:23:36.0457 0x6b560  Npfs - ok
09:23:36.0461 0x6b560  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
09:23:36.0471 0x6b560  npsvctrig - ok
09:23:36.0475 0x6b560  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
09:23:36.0486 0x6b560  nsi - ok
09:23:36.0490 0x6b560  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
09:23:36.0501 0x6b560  nsiproxy - ok
09:23:36.0546 0x6b560  [ D1AF837A1555990602A51A3ED238EC80, 37F25AAC4431C665F014FF7EB2FBB395621581200CB5029D4C3F5040E9181F52 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
09:23:36.0606 0x6b560  NTFS - ok
09:23:36.0612 0x6b560  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
09:23:36.0624 0x6b560  Null - ok
09:23:36.0630 0x6b560  [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
09:23:36.0640 0x6b560  NVHDA - ok
09:23:36.0866 0x6b560  [ 113505A56DAE1354960B7FF9E30E9AEA, 8A172BA5A06BA4949847A8F349128609AB324B3582707BECB9E786222BFE58D3 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
09:23:37.0127 0x6b560  nvlddmkm - ok
09:23:37.0145 0x6b560  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
09:23:37.0156 0x6b560  nvraid - ok
09:23:37.0163 0x6b560  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
09:23:37.0178 0x6b560  nvstor - ok
09:23:37.0188 0x6b560  [ 4398DCC9BA21E1BE911A13BD18C63481, 251DF1EF6101AC071100665686811915C3B306055C3901BDA96F99612FD001B2 ] NvStUSB         C:\WINDOWS\System32\drivers\nvstusb.sys
09:23:37.0201 0x6b560  NvStUSB - ok
09:23:37.0227 0x6b560  [ 334AD0B00C21E84B4CE3E20682D308BF, D17BC6D1B26AA10A1A4622AB36E3CDCBF35A9B9CA07CEC6FF865951FB45C9D03 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
09:23:37.0257 0x6b560  nvsvc - ok
09:23:37.0269 0x6b560  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
09:23:37.0292 0x6b560  OneSyncSvc - ok
09:23:37.0301 0x6b560  [ E133C2D85CFF4EDD7FE8E8F0F8BE6CDB, 6C5E7D9C81A409E67C143CD3AED33BDDC3967FA4C9AB3B98560B7D3BF57D093D ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:23:37.0314 0x6b560  ose - ok
09:23:37.0325 0x6b560  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
09:23:37.0346 0x6b560  p2pimsvc - ok
09:23:37.0356 0x6b560  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
09:23:37.0378 0x6b560  p2psvc - ok
09:23:37.0383 0x6b560  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
09:23:37.0399 0x6b560  Parport - ok
09:23:37.0404 0x6b560  [ 64E0AA114871B2A37908E44A18F35A73, 2FB434EE48894C9B538349918B9B96FE9C6A76ADAC325EB9DA6E84D0B104D457 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
09:23:37.0417 0x6b560  partmgr - ok
09:23:37.0429 0x6b560  [ CE515B2C6E2EA50053A8862398646B38, C85D370E5250AFCF44796CE274B5A100C6829DC28BF1D4C6991EF61DE46FD10A ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
09:23:37.0449 0x6b560  PcaSvc - ok
09:23:37.0460 0x6b560  [ 55E45E0A89429AE9C62D728B9C4891C0, 729922C3488866C8D67F00E82C082F2E8E6F05180F4767AD30FC7E1FFE4946C5 ] pci             C:\WINDOWS\system32\drivers\pci.sys
09:23:37.0479 0x6b560  pci - ok
09:23:37.0483 0x6b560  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
09:23:37.0491 0x6b560  pciide - ok
09:23:37.0497 0x6b560  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
09:23:37.0508 0x6b560  pcmcia - ok
09:23:37.0513 0x6b560  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
09:23:37.0522 0x6b560  pcw - ok
09:23:37.0527 0x6b560  [ 2CCD68D8A6BBFF2DE0EC54F086C5F3BC, D3D5A56F0C1BEBA9A05CE82F4BBD011E40A15358C00A668F9614F7E002A65A08 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
09:23:37.0537 0x6b560  pdc - ok
09:23:37.0552 0x6b560  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
09:23:37.0584 0x6b560  PEAUTH - ok
09:23:37.0618 0x6b560  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
09:23:37.0698 0x6b560  PeerDistSvc - ok
09:23:37.0705 0x6b560  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
09:23:37.0716 0x6b560  percsas2i - ok
09:23:37.0720 0x6b560  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
09:23:37.0729 0x6b560  percsas3i - ok
09:23:37.0741 0x6b560  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
09:23:37.0756 0x6b560  PerfHost - ok
09:23:37.0777 0x6b560  [ CFA4868B2932396D47BCC8E7350907C1, C757910212982F54CF9B2CFFCB632D58E3A07E468A2DA42CDF97BFB6A05823DE ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
09:23:37.0833 0x6b560  PhoneSvc - ok
09:23:37.0840 0x6b560  [ 06A31E2C90347128A1A25290568E152C, 7F0BC96C116A5C6B9796233CA975B1F6A73D554A533191F38295D60221E503C4 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:23:37.0859 0x6b560  PimIndexMaintenanceSvc - ok
09:23:37.0886 0x6b560  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
09:23:37.0941 0x6b560  pla - ok
09:23:37.0947 0x6b560  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
09:23:37.0970 0x6b560  PlugPlay - ok
09:23:37.0974 0x6b560  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
09:23:37.0986 0x6b560  PNRPAutoReg - ok
09:23:37.0995 0x6b560  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
09:23:38.0016 0x6b560  PNRPsvc - ok
09:23:38.0026 0x6b560  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
09:23:38.0055 0x6b560  PolicyAgent - ok
09:23:38.0062 0x6b560  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
09:23:38.0080 0x6b560  Power - ok
09:23:38.0085 0x6b560  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
09:23:38.0104 0x6b560  PptpMiniport - ok
09:23:38.0162 0x6b560  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:23:38.0292 0x6b560  PrintNotify - ok
09:23:38.0298 0x6b560  [ 8AF0B69E2C3BC7996BE98D7C7DD0BA2C, 40C96109783DFB01CE2BA966AA29DE44326342823D83669A5632B7CE1565915B ] prl_virtual_hid C:\WINDOWS\System32\drivers\prl_virtual_hid.sys
09:23:38.0305 0x6b560  prl_virtual_hid - ok
09:23:38.0311 0x6b560  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
09:23:38.0324 0x6b560  Processor - ok
09:23:38.0334 0x6b560  [ B2DC3BA675F95343D55EC989FE303561, C53FCA036358B0B11BBE5348074FA24831CF67C9FEE31A3DC9CF88B6178CFBC8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
09:23:38.0357 0x6b560  ProfSvc - ok
09:23:38.0364 0x6b560  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
09:23:38.0379 0x6b560  Psched - ok
09:23:38.0383 0x6b560  [ D8EB393983B644879DE0546122CC16DF, 4A11DDFB016B560E770660183AF1ADA4831D97DAEAF560E60259F81F2727CBFC ] ptun0901        C:\WINDOWS\System32\drivers\ptun0901.sys
09:23:38.0394 0x6b560  ptun0901 - ok
09:23:38.0401 0x6b560  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
09:23:38.0419 0x6b560  QWAVE - ok
09:23:38.0423 0x6b560  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
09:23:38.0435 0x6b560  QWAVEdrv - ok
09:23:38.0438 0x6b560  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:23:38.0450 0x6b560  RasAcd - ok
09:23:38.0455 0x6b560  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
09:23:38.0473 0x6b560  RasAgileVpn - ok
09:23:38.0478 0x6b560  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
09:23:38.0492 0x6b560  RasAuto - ok
09:23:38.0496 0x6b560  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
09:23:38.0517 0x6b560  Rasl2tp - ok
09:23:38.0532 0x6b560  [ DF0702D6A190452E1BFA52F36E58640A, 37B7B8220CDE965F1232D883CEEEDDDB309ABA0ACBE38486E69B9052D39187C4 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:23:38.0579 0x6b560  RasMan - ok
09:23:38.0585 0x6b560  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:23:38.0602 0x6b560  RasPppoe - ok
09:23:38.0606 0x6b560  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
09:23:38.0626 0x6b560  RasSstp - ok
09:23:38.0638 0x6b560  [ 392CD98739F4A8F188A3CB34F6AB193E, C36D1CD8EEB57DB37A0A079DFC87120F948A8E3EE09973CCF5D613566B17EA10 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:23:38.0658 0x6b560  rdbss - ok
09:23:38.0664 0x6b560  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
09:23:38.0678 0x6b560  rdpbus - ok
09:23:38.0684 0x6b560  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
09:23:38.0703 0x6b560  RDPDR - ok
09:23:38.0710 0x6b560  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:23:38.0720 0x6b560  RdpVideoMiniport - ok
09:23:38.0729 0x6b560  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
09:23:38.0745 0x6b560  rdyboost - ok
09:23:38.0765 0x6b560  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
09:23:38.0802 0x6b560  ReFSv1 - ok
09:23:38.0818 0x6b560  [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:23:38.0843 0x6b560  RemoteAccess - ok
09:23:38.0849 0x6b560  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
09:23:38.0869 0x6b560  RemoteRegistry - ok
09:23:38.0882 0x6b560  [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
09:23:38.0914 0x6b560  RetailDemo - ok
09:23:38.0921 0x6b560  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
09:23:38.0941 0x6b560  RFCOMM - ok
09:23:38.0947 0x6b560  [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
09:23:38.0968 0x6b560  RmSvc - ok
09:23:38.0972 0x6b560  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
09:23:38.0986 0x6b560  RpcEptMapper - ok
09:23:38.0989 0x6b560  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:23:39.0002 0x6b560  RpcLocator - ok
09:23:39.0019 0x6b560  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
09:23:39.0055 0x6b560  RpcSs - ok
09:23:39.0059 0x6b560  [ 2968DDD31BD48AA959FEEDF1AFDF8504, 47CFB7EB43234F4B3227DE9B38126BA584A2080BA504DA859683049C599D505C ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys
09:23:39.0066 0x6b560  RrNetCapFilterDriver - ok
09:23:39.0071 0x6b560  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
09:23:39.0084 0x6b560  rspndr - ok
09:23:39.0087 0x6b560  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
09:23:39.0098 0x6b560  s3cap - ok
09:23:39.0102 0x6b560  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs           C:\WINDOWS\system32\lsass.exe
09:23:39.0113 0x6b560  SamSs - ok
09:23:39.0127 0x6b560  [ E5F023E323CB9A7903ABF35C80E7F38B, 3E465E715FF0F27C2A1B4F221B16C8E5347FFB993F56AA2EAAC02A49297253C3 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
09:23:39.0145 0x6b560  Samsung Link Service - ok
09:23:39.0151 0x6b560  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
09:23:39.0163 0x6b560  sbp2port - ok
09:23:39.0172 0x6b560  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
09:23:39.0194 0x6b560  SCardSvr - ok
09:23:39.0201 0x6b560  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
09:23:39.0221 0x6b560  ScDeviceEnum - ok
09:23:39.0226 0x6b560  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:23:39.0240 0x6b560  scfilter - ok
09:23:39.0258 0x6b560  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:23:39.0302 0x6b560  Schedule - ok
09:23:39.0307 0x6b560  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
09:23:39.0319 0x6b560  scmbus - ok
09:23:39.0324 0x6b560  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
09:23:39.0339 0x6b560  scmdisk0101 - ok
09:23:39.0347 0x6b560  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
09:23:39.0367 0x6b560  SCPolicySvc - ok
09:23:39.0374 0x6b560  [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
09:23:39.0391 0x6b560  sdbus - ok
09:23:39.0398 0x6b560  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
09:23:39.0413 0x6b560  SDRSVC - ok
09:23:39.0418 0x6b560  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
09:23:39.0428 0x6b560  sdstor - ok
09:23:39.0432 0x6b560  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
09:23:39.0444 0x6b560  seclogon - ok
09:23:39.0449 0x6b560  [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS            C:\WINDOWS\System32\sens.dll
09:23:39.0467 0x6b560  SENS - ok
09:23:39.0471 0x6b560  Sense - ok
09:23:39.0497 0x6b560  [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:23:39.0553 0x6b560  SensorDataService - ok
09:23:39.0565 0x6b560  [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService   C:\WINDOWS\system32\SensorService.dll
09:23:39.0589 0x6b560  SensorService - ok
09:23:39.0595 0x6b560  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
09:23:39.0611 0x6b560  SensrSvc - ok
09:23:39.0615 0x6b560  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
09:23:39.0624 0x6b560  SerCx - ok
09:23:39.0630 0x6b560  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
09:23:39.0642 0x6b560  SerCx2 - ok
09:23:39.0646 0x6b560  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
09:23:39.0656 0x6b560  Serenum - ok
09:23:39.0661 0x6b560  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
09:23:39.0675 0x6b560  Serial - ok
09:23:39.0678 0x6b560  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
09:23:39.0689 0x6b560  sermouse - ok
09:23:39.0703 0x6b560  [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
09:23:39.0729 0x6b560  SessionEnv - ok
09:23:39.0732 0x6b560  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
09:23:39.0742 0x6b560  sfloppy - ok
09:23:39.0756 0x6b560  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:23:39.0790 0x6b560  SharedAccess - ok
09:23:39.0804 0x6b560  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:23:39.0841 0x6b560  ShellHWDetection - ok
09:23:39.0848 0x6b560  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
09:23:39.0864 0x6b560  shpamsvc - ok
09:23:39.0868 0x6b560  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:23:39.0877 0x6b560  SiSRaid2 - ok
09:23:39.0881 0x6b560  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
09:23:39.0891 0x6b560  SiSRaid4 - ok
09:23:39.0900 0x6b560  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:23:39.0914 0x6b560  SkypeUpdate - ok
09:23:39.0918 0x6b560  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
09:23:39.0929 0x6b560  smphost - ok
09:23:39.0943 0x6b560  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
09:23:39.0974 0x6b560  SmsRouter - ok
09:23:39.0987 0x6b560  [ 47BBEA2DB493F8E0F3179FE47DA9801B, 29A891540B6E447A09CC52DD6D9A9512644D1D3029C2931121B9F485C8F42BF8 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
09:23:39.0999 0x6b560  snapman - ok
09:23:40.0003 0x6b560  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
09:23:40.0017 0x6b560  SNMPTRAP - ok
09:23:40.0028 0x6b560  [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
09:23:40.0050 0x6b560  spaceport - ok
09:23:40.0056 0x6b560  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
09:23:40.0066 0x6b560  SpbCx - ok
09:23:40.0070 0x6b560  [ 85E915D043427BA7BCED955716A22ECD, 294A78F2F0DB60B2496D60D1692F3ADD5AFE0B103844BEEAFA6FBEE57EEA2B16 ] SpeedupService  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
09:23:40.0078 0x6b560  SpeedupService - ok
09:23:40.0096 0x6b560  [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
09:23:40.0138 0x6b560  Spooler - ok
09:23:40.0234 0x6b560  [ DB386D52ABDCF0577B6921D02EEDC8B3, 523247781F230B7273248C2AB8262E63BBE55EFD2DE0DF9A40F5FA0DA7DD2AE6 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
09:23:40.0374 0x6b560  sppsvc - ok
09:23:40.0391 0x6b560  [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:23:40.0414 0x6b560  srv - ok
09:23:40.0428 0x6b560  [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
09:23:40.0460 0x6b560  srv2 - ok
09:23:40.0468 0x6b560  [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:23:40.0486 0x6b560  srvnet - ok
09:23:40.0494 0x6b560  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:23:40.0514 0x6b560  SSDPSRV - ok
09:23:40.0521 0x6b560  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
09:23:40.0541 0x6b560  SstpSvc - ok
09:23:40.0612 0x6b560  [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:23:40.0753 0x6b560  StateRepository - ok
09:23:40.0761 0x6b560  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
09:23:40.0771 0x6b560  stexstor - ok
09:23:40.0775 0x6b560  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
09:23:40.0786 0x6b560  StillCam - ok
09:23:40.0801 0x6b560  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
09:23:40.0837 0x6b560  stisvc - ok
09:23:40.0843 0x6b560  [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
09:23:40.0853 0x6b560  storahci - ok
09:23:40.0857 0x6b560  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
09:23:40.0867 0x6b560  storflt - ok
09:23:40.0871 0x6b560  [ B739FF1C1FAF9D0ADFBFB0FD59A5AB37, F128D872283AD1F91B56667DB885E7404D76B1CC72D6D71382C5DFA19AE433ED ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
09:23:40.0881 0x6b560  stornvme - ok
09:23:40.0886 0x6b560  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
09:23:40.0900 0x6b560  storqosflt - ok
09:23:40.0911 0x6b560  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
09:23:40.0938 0x6b560  StorSvc - ok
09:23:40.0942 0x6b560  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
09:23:40.0953 0x6b560  storufs - ok
09:23:40.0957 0x6b560  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
09:23:40.0966 0x6b560  storvsc - ok
09:23:40.0970 0x6b560  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
09:23:40.0985 0x6b560  svsvc - ok
09:23:40.0989 0x6b560  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
09:23:40.0997 0x6b560  swenum - ok
09:23:41.0008 0x6b560  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
09:23:41.0039 0x6b560  swprv - ok
09:23:41.0199 0x6b560  [ B45170D4F669670FB31A11292AB8E314, E04C10D15D2FC0A4851DCCCC8AB93C64C89F8E2C73530083255854DA6D684229 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
09:23:41.0397 0x6b560  syncagentsrv - ok
09:23:41.0415 0x6b560  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:23:41.0427 0x6b560  Synth3dVsc - ok
09:23:41.0446 0x6b560  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
09:23:41.0497 0x6b560  SysMain - ok
09:23:41.0508 0x6b560  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:23:41.0532 0x6b560  SystemEventsBroker - ok
09:23:41.0539 0x6b560  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:23:41.0558 0x6b560  TabletInputService - ok
09:23:41.0562 0x6b560  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
09:23:41.0573 0x6b560  tap0901 - ok
09:23:41.0578 0x6b560  [ E790E904BB06081F5A3DAFE87F20D06B, F09F574A134E87B9578B914ACD028AF49031CDC788989A073197774A49FFFD17 ] taphss6         C:\WINDOWS\System32\drivers\taphss6.sys
09:23:41.0586 0x6b560  taphss6 - ok
09:23:41.0596 0x6b560  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:23:41.0621 0x6b560  TapiSrv - ok
09:23:41.0626 0x6b560  [ E432A6F8725F29514144C0CB62CA5A96, 4476E0E26F9ED8E713F85B05B17A21291B8A7F2A91D7DAD17FAA3986CE3F4C22 ] tbhsd           C:\WINDOWS\system32\drivers\tbhsd.sys
09:23:41.0636 0x6b560  tbhsd - ok
09:23:41.0683 0x6b560  [ F84655A11FB61D4B0778525575775EA9, 0B7404963187E8CAAC1217C7BF0DAF787A04355CDF71091E1FE055FC46E21564 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
09:23:41.0749 0x6b560  Tcpip - ok
09:23:41.0795 0x6b560  [ F84655A11FB61D4B0778525575775EA9, 0B7404963187E8CAAC1217C7BF0DAF787A04355CDF71091E1FE055FC46E21564 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
09:23:41.0862 0x6b560  Tcpip6 - ok
09:23:41.0871 0x6b560  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
09:23:41.0882 0x6b560  tcpipreg - ok
09:23:41.0890 0x6b560  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
09:23:41.0901 0x6b560  tdx - ok
09:23:42.0029 0x6b560  [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:23:42.0175 0x6b560  TeamViewer - ok
09:23:42.0187 0x6b560  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
09:23:42.0197 0x6b560  terminpt - ok
09:23:42.0219 0x6b560  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
09:23:42.0263 0x6b560  TermService - ok
09:23:42.0269 0x6b560  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
09:23:42.0288 0x6b560  Themes - ok
09:23:42.0315 0x6b560  [ 782F44534AD9DD88B12B6A77E18CE1B7, 700405046AE11C7DD8A89E7C5A8F595C6A7810D5DF521123FF571D40E6D80612 ] tib             C:\WINDOWS\system32\DRIVERS\tib.sys
09:23:42.0349 0x6b560  tib - ok
09:23:42.0356 0x6b560  [ A0BC8A10ECF59D52FDA727E7D4B3EC18, ACA640F33E8A889AD098A4308A7E7EBDDEC934EAC627B4AD635F77F9939AAC9A ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
09:23:42.0366 0x6b560  tib_mounter - ok
09:23:42.0374 0x6b560  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:23:42.0397 0x6b560  TieringEngineService - ok
09:23:42.0412 0x6b560  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:23:42.0443 0x6b560  tiledatamodelsvc - ok
09:23:42.0451 0x6b560  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
09:23:42.0470 0x6b560  TimeBrokerSvc - ok
09:23:42.0485 0x6b560  [ 14A19E7121FAFFB54251F5740B28AF16, 2EEDAEDE51CFA8EB5D7D2FBBC2B8B2E70D045AFD3F288221B756D9CF45185DC3 ] tnd             C:\WINDOWS\system32\DRIVERS\tnd.sys
09:23:42.0503 0x6b560  tnd - ok
09:23:42.0509 0x6b560  [ 45FFA5ED5E7EBA76EBEBCE08B824EA50, A526DB82A04B4092D22A053466A8D67742521CF68E77539F2567B556D3473E34 ] TotRec8         C:\WINDOWS\system32\drivers\TotRec8.sys
09:23:42.0517 0x6b560  TotRec8 - ok
09:23:42.0524 0x6b560  [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
09:23:42.0538 0x6b560  TPM - ok
09:23:42.0544 0x6b560  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
09:23:42.0560 0x6b560  TrkWks - ok
09:23:42.0565 0x6b560  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:23:42.0579 0x6b560  TrustedInstaller - ok
09:23:42.0585 0x6b560  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:23:42.0598 0x6b560  tsusbflt - ok
09:23:42.0602 0x6b560  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:23:42.0615 0x6b560  TsUsbGD - ok
09:23:42.0621 0x6b560  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
09:23:42.0634 0x6b560  tsusbhub - ok
09:23:42.0642 0x6b560  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
09:23:42.0657 0x6b560  tunnel - ok
09:23:42.0662 0x6b560  [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
09:23:42.0678 0x6b560  tzautoupdate - ok
09:23:42.0683 0x6b560  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
09:23:42.0693 0x6b560  UASPStor - ok
09:23:42.0698 0x6b560  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
09:23:42.0714 0x6b560  UcmCx0101 - ok
09:23:42.0720 0x6b560  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
09:23:42.0734 0x6b560  UcmTcpciCx0101 - ok
09:23:42.0738 0x6b560  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:23:42.0751 0x6b560  UcmUcsi - ok
09:23:42.0757 0x6b560  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
09:23:42.0771 0x6b560  Ucx01000 - ok
09:23:42.0775 0x6b560  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
09:23:42.0786 0x6b560  UdeCx - ok
09:23:42.0795 0x6b560  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
09:23:42.0818 0x6b560  udfs - ok
09:23:42.0823 0x6b560  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
09:23:42.0834 0x6b560  UEFI - ok
09:23:42.0838 0x6b560  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
09:23:42.0849 0x6b560  UevAgentDriver - ok
09:23:42.0872 0x6b560  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
09:23:42.0924 0x6b560  UevAgentService - ok
09:23:42.0933 0x6b560  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
09:23:42.0948 0x6b560  Ufx01000 - ok
09:23:42.0954 0x6b560  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:23:42.0966 0x6b560  UfxChipidea - ok
09:23:42.0971 0x6b560  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:23:42.0985 0x6b560  ufxsynopsys - ok
09:23:42.0994 0x6b560  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
09:23:43.0009 0x6b560  UI0Detect - ok
09:23:43.0014 0x6b560  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
09:23:43.0025 0x6b560  umbus - ok
09:23:43.0029 0x6b560  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
09:23:43.0040 0x6b560  UmPass - ok
09:23:43.0049 0x6b560  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
09:23:43.0071 0x6b560  UmRdpService - ok
09:23:43.0094 0x6b560  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
09:23:43.0146 0x6b560  UnistoreSvc - ok
09:23:43.0161 0x6b560  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:23:43.0194 0x6b560  upnphost - ok
09:23:43.0198 0x6b560  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
09:23:43.0209 0x6b560  UrsChipidea - ok
09:23:43.0213 0x6b560  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
09:23:43.0221 0x6b560  UrsCx01000 - ok
09:23:43.0226 0x6b560  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
09:23:43.0235 0x6b560  UrsSynopsys - ok
09:23:43.0240 0x6b560  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
09:23:43.0256 0x6b560  USBAAPL64 - ok
09:23:43.0262 0x6b560  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
09:23:43.0275 0x6b560  usbccgp - ok
09:23:43.0281 0x6b560  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
09:23:43.0296 0x6b560  usbcir - ok
09:23:43.0303 0x6b560  [ 5F446E44B402B5FD12056EA57F929E42, 1EFE583AFBFD36E1CCD8F933A0476661BD213FA18FD4352066CA2F28C1D63C7E ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
09:23:43.0315 0x6b560  UsbClientService - ok
09:23:43.0320 0x6b560  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
09:23:43.0332 0x6b560  usbehci - ok
09:23:43.0344 0x6b560  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
09:23:43.0364 0x6b560  usbhub - ok
09:23:43.0377 0x6b560  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
09:23:43.0398 0x6b560  USBHUB3 - ok
09:23:43.0403 0x6b560  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
09:23:43.0414 0x6b560  usbohci - ok
09:23:43.0418 0x6b560  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
09:23:43.0431 0x6b560  usbprint - ok
09:23:43.0436 0x6b560  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
09:23:43.0448 0x6b560  usbser - ok
09:23:43.0462 0x6b560  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:23:43.0476 0x6b560  USBSTOR - ok
09:23:43.0480 0x6b560  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
09:23:43.0493 0x6b560  usbuhci - ok
09:23:43.0501 0x6b560  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
09:23:43.0518 0x6b560  usbvideo - ok
09:23:43.0527 0x6b560  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:23:43.0544 0x6b560  USBXHCI - ok
09:23:43.0573 0x6b560  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
09:23:43.0634 0x6b560  UserDataSvc - ok
09:23:43.0658 0x6b560  [ 8F6DAAFDDDA27D83ACC8C7FF1536CAF6, 5E1B67A5B388CBB3B193C238546BAD4DC5F5DF54859E16607A60681E6D38FA73 ] UserManager     C:\WINDOWS\System32\usermgr.dll
09:23:43.0708 0x6b560  UserManager - ok
09:23:43.0722 0x6b560  [ C7CC4F8EA7FC1DE4221103B39360ABA0, 00B12186D731C3869022DCE763B243123D4E0B9BD0EA52AD9C95F9416F13FFD1 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
09:23:43.0763 0x6b560  UsoSvc - ok
09:23:43.0769 0x6b560  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
09:23:43.0779 0x6b560  VaultSvc - ok
09:23:43.0798 0x6b560  [ E0BDAB45FEB6A1931A67252CB1396198, BAB0834B9D4BFC48E64F04826D11786780F00CA5A3EA9B753B10A0373299EDE9 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
09:23:43.0823 0x6b560  VBoxDrv - ok
09:23:43.0830 0x6b560  [ F429FED78CC80F85BD55CDA8403FD681, 581579E2616D4F69B068BC37C63DD0EC87AE28F1D011B9564EB7756A1FD22A9F ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
09:23:43.0839 0x6b560  VBoxNetAdp - ok
09:23:43.0845 0x6b560  [ 9A0B657A56AFC4F7E9C00E130A45FC08, C7BA38E3EA8CC9B3417791F462A5287ECE07F297A4FAB79FA411C50AF70AF234 ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
09:23:43.0854 0x6b560  VBoxNetLwf - ok
09:23:43.0861 0x6b560  [ A6E84BD62BE092FD417B37C1743026D6, F1DA6AC17B6EA296D64B1D7FF128A6905DC4A4E2EB176F38087A784BB4289ED3 ] VBoxUSB         C:\WINDOWS\System32\Drivers\VBoxUSB.sys
09:23:43.0870 0x6b560  VBoxUSB - ok
09:23:43.0876 0x6b560  [ 992352A818AA2E67E3724C056C7385D7, 0A0B4CFCC7AA5AE19B3864E5EC3FE4C1CA7D371BFE5E48047D2893576A601FD9 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
09:23:43.0886 0x6b560  VBoxUSBMon - ok
09:23:43.0891 0x6b560  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
09:23:43.0901 0x6b560  vdrvroot - ok
09:23:43.0916 0x6b560  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
09:23:43.0949 0x6b560  vds - ok
09:23:43.0958 0x6b560  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
09:23:43.0971 0x6b560  VerifierExt - ok
09:23:43.0986 0x6b560  [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
09:23:44.0012 0x6b560  vhdmp - ok
09:23:44.0017 0x6b560  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
09:23:44.0030 0x6b560  vhf - ok
09:23:44.0040 0x6b560  [ 3F82D17D3D418CF298110A19F007F7A6, DA9646BBF2A94CB7330E46D9AF123E269CA03D2C733F58F95A3C648829EF3E8B ] virtual_file    C:\WINDOWS\system32\DRIVERS\virtual_file.sys
09:23:44.0052 0x6b560  virtual_file - ok
09:23:44.0057 0x6b560  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
09:23:44.0068 0x6b560  vmbus - ok
09:23:44.0072 0x6b560  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
09:23:44.0083 0x6b560  VMBusHID - ok
09:23:44.0088 0x6b560  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
09:23:44.0098 0x6b560  vmgid - ok
09:23:44.0107 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
09:23:44.0126 0x6b560  vmicguestinterface - ok
09:23:44.0134 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
09:23:44.0155 0x6b560  vmicheartbeat - ok
09:23:44.0162 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
09:23:44.0181 0x6b560  vmickvpexchange - ok
09:23:44.0191 0x6b560  [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
09:23:44.0213 0x6b560  vmicrdv - ok
09:23:44.0222 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
09:23:44.0240 0x6b560  vmicshutdown - ok
09:23:44.0247 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
09:23:44.0266 0x6b560  vmictimesync - ok
09:23:44.0275 0x6b560  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
09:23:44.0295 0x6b560  vmicvmsession - ok
09:23:44.0304 0x6b560  [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
09:23:44.0327 0x6b560  vmicvss - ok
09:23:44.0332 0x6b560  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
09:23:44.0344 0x6b560  volmgr - ok
09:23:44.0355 0x6b560  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
09:23:44.0370 0x6b560  volmgrx - ok
09:23:44.0381 0x6b560  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
09:23:44.0397 0x6b560  volsnap - ok
09:23:44.0402 0x6b560  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
09:23:44.0414 0x6b560  volume - ok
09:23:44.0419 0x6b560  [ 04BEC879AD7B3FDDD0339B19FECB0160, 8C92755DDB41AD7DDA1643D7F32FAA0FCA7E2C65C69611EB5EC1B3276EA8DBC7 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
09:23:44.0429 0x6b560  vpci - ok
09:23:44.0436 0x6b560  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
09:23:44.0447 0x6b560  vsmraid - ok
09:23:44.0474 0x6b560  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
09:23:44.0535 0x6b560  VSS - ok
09:23:44.0548 0x6b560  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
09:23:44.0567 0x6b560  VSTXRAID - ok
09:23:44.0572 0x6b560  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
09:23:44.0587 0x6b560  vwifibus - ok
09:23:44.0593 0x6b560  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
09:23:44.0607 0x6b560  vwififlt - ok
09:23:44.0612 0x6b560  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
09:23:44.0626 0x6b560  vwifimp - ok
09:23:44.0640 0x6b560  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
09:23:44.0670 0x6b560  W32Time - ok
09:23:44.0675 0x6b560  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
09:23:44.0687 0x6b560  WacomPen - ok
09:23:44.0700 0x6b560  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
09:23:44.0729 0x6b560  WalletService - ok
09:23:44.0735 0x6b560  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:23:44.0753 0x6b560  wanarp - ok
09:23:44.0757 0x6b560  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:23:44.0777 0x6b560  wanarpv6 - ok
09:23:44.0809 0x6b560  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
09:23:44.0872 0x6b560  wbengine - ok
09:23:44.0894 0x6b560  [ 6BE945D6DE02713BAD8627205CDF9F48, F6548EAF5D67DA4682D8B31E5B565606DEAAB9276B44F25F1A4203AB61B9400B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
09:23:44.0932 0x6b560  WbioSrvc - ok
09:23:44.0939 0x6b560  [ CD24DEEA22152524CCFE859591D12A57, C60ACF77647E5D6EDC10BBBCF974DF264145123C8EDB6506AFA9C949EBA53D7F ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
09:23:44.0951 0x6b560  wcifs - ok
09:23:44.0967 0x6b560  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
09:23:45.0006 0x6b560  Wcmsvc - ok
09:23:45.0018 0x6b560  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
09:23:45.0044 0x6b560  wcncsvc - ok
09:23:45.0049 0x6b560  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
09:23:45.0061 0x6b560  wcnfs - ok
09:23:45.0066 0x6b560  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
09:23:45.0078 0x6b560  WdBoot - ok
09:23:45.0097 0x6b560  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
09:23:45.0122 0x6b560  Wdf01000 - ok
09:23:45.0131 0x6b560  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
09:23:45.0149 0x6b560  WdFilter - ok
09:23:45.0154 0x6b560  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
09:23:45.0173 0x6b560  WdiServiceHost - ok
09:23:45.0178 0x6b560  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
09:23:45.0194 0x6b560  WdiSystemHost - ok
09:23:45.0210 0x6b560  [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:23:45.0244 0x6b560  wdiwifi - ok
09:23:45.0251 0x6b560  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:23:45.0263 0x6b560  WdNisDrv - ok
09:23:45.0266 0x6b560  WdNisSvc - ok
09:23:45.0274 0x6b560  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
09:23:45.0296 0x6b560  WebClient - ok
09:23:45.0303 0x6b560  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
09:23:45.0323 0x6b560  Wecsvc - ok
09:23:45.0328 0x6b560  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
09:23:45.0343 0x6b560  WEPHOSTSVC - ok
09:23:45.0349 0x6b560  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
09:23:45.0371 0x6b560  wercplsupport - ok
09:23:45.0378 0x6b560  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
09:23:45.0398 0x6b560  WerSvc - ok
09:23:45.0405 0x6b560  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
09:23:45.0417 0x6b560  WFPLWFS - ok
09:23:45.0423 0x6b560  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
09:23:45.0438 0x6b560  WiaRpc - ok
09:23:45.0442 0x6b560  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
09:23:45.0453 0x6b560  WIMMount - ok
09:23:45.0456 0x6b560  WinDefend - ok
09:23:45.0467 0x6b560  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:23:45.0481 0x6b560  WindowsTrustedRT - ok
09:23:45.0486 0x6b560  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:23:45.0498 0x6b560  WindowsTrustedRTProxy - ok
09:23:45.0515 0x6b560  [ C9E7D91A044B77CBCB4121C06610A86C, 9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:23:45.0552 0x6b560  WinHttpAutoProxySvc - ok
09:23:45.0558 0x6b560  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
09:23:45.0569 0x6b560  WinMad - ok
09:23:45.0578 0x6b560  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
09:23:45.0596 0x6b560  Winmgmt - ok
09:23:45.0646 0x6b560  [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
09:23:45.0756 0x6b560  WinRM - ok
09:23:45.0770 0x6b560  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
09:23:45.0782 0x6b560  WINUSB - ok
09:23:45.0787 0x6b560  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
09:23:45.0798 0x6b560  WinVerbs - ok
09:23:45.0812 0x6b560  [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc           C:\WINDOWS\system32\flightsettings.dll
09:23:45.0843 0x6b560  wisvc - ok
09:23:45.0885 0x6b560  [ 0ECFEB0CABA7FEE6E14FAD5D6BF4777E, 7C8F69E1B04B5F7853D18216C91233B7DD53760281B295DA7D23024C0D4B378A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
09:23:45.0976 0x6b560  WlanSvc - ok
09:23:46.0016 0x6b560  [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
09:23:46.0110 0x6b560  wlidsvc - ok
09:23:46.0117 0x6b560  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
09:23:46.0129 0x6b560  WmiAcpi - ok
09:23:46.0137 0x6b560  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:23:46.0155 0x6b560  wmiApSrv - ok
09:23:46.0159 0x6b560  WMPNetworkSvc - ok
09:23:46.0168 0x6b560  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
09:23:46.0190 0x6b560  Wof - ok
09:23:46.0232 0x6b560  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
09:23:46.0317 0x6b560  workfolderssvc - ok
09:23:46.0327 0x6b560  [ 79BC1B53D405EF546D3B809C6D1699ED, 9D68AC3B0AC24AE87F6152BF4B55E1EC19F2562602C04C3640C380B5B1E8FE76 ] WO_LiveService2 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
09:23:46.0341 0x6b560  WO_LiveService2 - ok
09:23:46.0347 0x6b560  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
09:23:46.0363 0x6b560  WPDBusEnum - ok
09:23:46.0369 0x6b560  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:23:46.0378 0x6b560  WpdUpFltr - ok
09:23:46.0387 0x6b560  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
09:23:46.0410 0x6b560  WpnService - ok
09:23:46.0415 0x6b560  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
09:23:46.0432 0x6b560  WpnUserService - ok
09:23:46.0440 0x6b560  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:23:46.0453 0x6b560  ws2ifsl - ok
09:23:46.0461 0x6b560  [ 519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
09:23:46.0483 0x6b560  wscsvc - ok
09:23:46.0487 0x6b560  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
09:23:46.0503 0x6b560  WSDPrintDevice - ok
09:23:46.0510 0x6b560  [ 3AA0D972025DB9D298D2AB8513F51ABC, 5B610C6AB50517586740E22EDE739CBFF6D7E88E5F6706787FF86730880BACD3 ] WsDrvInst       C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe
09:23:46.0521 0x6b560  WsDrvInst - ok
09:23:46.0525 0x6b560  WSearch - ok
09:23:46.0570 0x6b560  [ 3E63CC6D9F6EEACCCCA2837B812A96CD, 3B472BD0DACB07F0AA70373D20B0CF0241EAC48500B3ED6C6C8D13DD5947C43F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
09:23:46.0667 0x6b560  wuauserv - ok
09:23:46.0675 0x6b560  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
09:23:46.0692 0x6b560  WudfPf - ok
09:23:46.0701 0x6b560  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
09:23:46.0721 0x6b560  WUDFRd - ok
09:23:46.0727 0x6b560  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
09:23:46.0745 0x6b560  wudfsvc - ok
09:23:46.0753 0x6b560  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:23:46.0774 0x6b560  WUDFWpdFs - ok
09:23:46.0780 0x6b560  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:23:46.0798 0x6b560  WUDFWpdMtp - ok
09:23:46.0826 0x6b560  [ 42DF36725C1B28EF40F94363BA9213ED, 87F7355FEF000326BFFC9ED24D6E32D05F36A549779A1D319603F94E6D8223FD ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
09:23:46.0887 0x6b560  WwanSvc - ok
09:23:46.0912 0x6b560  [ 38DDEB2AFE7D72B43DB116DACBFB97CD, 516368980793E22034298CA9C800D1AAD5B89979771182B74EB6E5FBC8BA1016 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
09:23:46.0968 0x6b560  XblAuthManager - ok
09:23:46.0994 0x6b560  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
09:23:47.0045 0x6b560  XblGameSave - ok
09:23:47.0063 0x6b560  [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
09:23:47.0083 0x6b560  xboxgip - ok
09:23:47.0106 0x6b560  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
09:23:47.0165 0x6b560  XboxNetApiSvc - ok
09:23:47.0172 0x6b560  [ 864F4209B03BE4267DDE09B067A165CA, C6751CB80940F320A742C38295E4FEEC85F99BE7D6C564AC5F5068E85A82421D ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
09:23:47.0186 0x6b560  xinputhid - ok
09:23:47.0199 0x6b560  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
09:23:47.0215 0x6b560  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
09:23:47.0255 0x6b560  Detect skipped due to KSN trusted
09:23:47.0255 0x6b560  ZAtheros Bt and Wlan Coex Agent - ok
09:23:47.0266 0x6b560  [ 77640C18D4130E84632A2B7EB3B7EA8E, 8C6133B93080737CAD3036BA0A484D11F997F54A4885261D4649C65A6BB37F19 ] {41E8078B-96D9-42DC-8789-A1CF102CD880} C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl
09:23:47.0273 0x6b560  {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok
09:23:47.0291 0x6b560  ================ Scan global ===============================
09:23:47.0296 0x6b560  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
09:23:47.0308 0x6b560  [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll
09:23:47.0324 0x6b560  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
09:23:47.0340 0x6b560  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
09:23:47.0347 0x6b560  [ Global ] - ok
09:23:47.0348 0x6b560  ================ Scan MBR ==================================
09:23:47.0353 0x6b560  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:23:47.0376 0x6b560  \Device\Harddisk0\DR0 - ok
09:23:47.0378 0x6b560  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:23:47.0397 0x6b560  \Device\Harddisk1\DR1 - ok
09:23:47.0398 0x6b560  ================ Scan VBR ==================================
09:23:47.0400 0x6b560  [ D0210EBD38C9759A5E15873A8F694748 ] \Device\Harddisk0\DR0\Partition1
09:23:47.0400 0x6b560  \Device\Harddisk0\DR0\Partition1 - ok
09:23:47.0403 0x6b560  [ 6D4332CEB8E1E3FB69EFEFA758EBABCF ] \Device\Harddisk0\DR0\Partition2
09:23:47.0404 0x6b560  \Device\Harddisk0\DR0\Partition2 - ok
09:23:47.0407 0x6b560  [ 944A5071DD072FE9EDAA6FDB250DEC14 ] \Device\Harddisk1\DR1\Partition1
09:23:47.0408 0x6b560  \Device\Harddisk1\DR1\Partition1 - ok
09:23:47.0410 0x6b560  [ 01B3906E8E0FD4D7530C34D66E5E738F ] \Device\Harddisk1\DR1\Partition2
09:23:47.0411 0x6b560  \Device\Harddisk1\DR1\Partition2 - ok
09:23:47.0413 0x6b560  [ 8569A34794AB3CE7B60FB357FADFEA60 ] \Device\Harddisk1\DR1\Partition3
09:23:47.0413 0x6b560  \Device\Harddisk1\DR1\Partition3 - ok
09:23:47.0416 0x6b560  [ 71BC3AEA3C967FD4929C75F9AAE59798 ] \Device\Harddisk1\DR1\Partition4
09:23:47.0418 0x6b560  \Device\Harddisk1\DR1\Partition4 - ok
09:23:47.0420 0x6b560  [ 362FE74F7A7321792745D4FDC1F35C27 ] \Device\Harddisk1\DR1\Partition5
09:23:47.0421 0x6b560  \Device\Harddisk1\DR1\Partition5 - ok
09:23:47.0423 0x6b560  [ 11683F347371BB55F13112724A67F589 ] \Device\Harddisk1\DR1\Partition6
09:23:47.0423 0x6b560  \Device\Harddisk1\DR1\Partition6 - ok
09:23:47.0426 0x6b560  [ E536E1FEAB06E2AEE7F51DF6A00051B4 ] \Device\Harddisk1\DR1\Partition7
09:23:47.0426 0x6b560  \Device\Harddisk1\DR1\Partition7 - ok
09:23:47.0427 0x6b560  ================ Scan generic autorun ======================
09:23:47.0428 0x6b560  ETDCtrl - ok
09:23:47.0439 0x6b560  [ D159B3B505CEE62F8D10ECDA579BD606, 8FCC605CF54C2C9E9AE1BE2DDF6AF093D0A5288DE1EEFB9941EA0EC32DBD267F ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
09:23:47.0459 0x6b560  Acronis Scheduler2 Service - ok
09:23:47.0475 0x6b560  [ A7296BC11F8EC947C67951146FC6D5A3, C389A2A163256C0BAF9B061343D4F000313FEB6D1A36F6E4F9771271A9D9F43B ] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
09:23:47.0496 0x6b560  Samsung Link - ok
09:23:47.0502 0x6b560  [ ADEA393B2B49EB25578702F4F5525E93, 8F0AB94BEA3751C566CBFF2F9A29495CCAC029DE3721107BBA892A418FD70581 ] C:\Program Files\iTunes\iTunesHelper.exe
09:23:47.0514 0x6b560  iTunesHelper - ok
09:23:47.0593 0x6b560  [ C1FD98DEC4C671B515E474D9389327E9, 5AB932EFFE99C000E57543597784BC00292B7B3864DB96D3F785FA2C5B9E4ABA ] C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
09:23:47.0702 0x6b560  Ashampoo WinOptimizer Live-Tuner2 - ok
09:23:47.0792 0x6b560  [ 9929483D4AC95843BBA8863DDDB3169F, 8781DDEA432949D7BCE509A6FB125D65113E08F3C715CD731659E84230B32A1F ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
09:23:47.0898 0x6b560  TrueImageMonitor.exe - ok
09:23:47.0906 0x6b560  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
09:23:47.0915 0x6b560  HP Software Update - ok
09:23:47.0928 0x6b560  [ 2A26BDCD8313E545D7489BC39DC68988, B11858CE289FF38A58AA43C0128EF304911934E7A1E90C524640B6DB10FE21E8 ] C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe
09:23:47.0944 0x6b560  PowerDVD16Agent - ok
09:23:47.0958 0x6b560  [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:23:47.0976 0x6b560  SunJavaUpdateSched - ok
09:23:47.0981 0x6b560  [ 798C9A56A5232139D8E9C493B5970BED, 985FB428D05EC52BB8C7D28FAD9C9A1DF5FFC10ABF6CB7FAF7545F6E6663F5A6 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
09:23:47.0988 0x6b560  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
09:23:48.0021 0x6b560  Detect skipped due to KSN trusted
09:23:48.0021 0x6b560  ProductUpdater - ok
09:23:48.0060 0x6b560  [ 12DDA5DE47461555B28954C6711399B4, 35AD5AD8C6E0479EC2FCEBEFA38E69227E5178B9B9D70E7891F9CEBE7491B80A ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
09:23:48.0109 0x6b560  Wondershare Helper Compact.exe - ok
09:23:48.0120 0x6b560  [ 367C0DDBB49D85EAC7BD70288305C566, D72547B7F7C6BAB702DA51E5257C146EAA01F8AA67DBA6B488E1136FF157A0A2 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
09:23:48.0134 0x6b560  AcronisTibMounterMonitor - ok
09:23:48.0135 0x6b560  Malwarebytes Anti-Exploit - ok
09:23:48.0187 0x6b560  [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
09:23:48.0250 0x6b560  KeePass 2 PreLoad - ok
09:23:48.0257 0x6b560  [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
09:23:48.0265 0x6b560  Avira SystrayStartTrigger - ok
09:23:48.0267 0x6b560  [ 256F960FABA68B4F0298B43A680A982F, F8F4C5449B73256D75357CE572726D4D968BAD0FCFFF5576791FFBC07C565528 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
09:23:48.0275 0x6b560  Avira System Speedup User Starter - ok
09:23:48.0297 0x6b560  [ ABE3CD91271DA8A9AFA62B9AF0E18F85, 59FCDEE6A0ECC300646CED15ECC80CEA0DB105C2C6140D8C9D8FAC9C13D92BEB ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
09:23:48.0317 0x6b560  avgnt - ok
09:23:48.0487 0x6b560  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:48.0691 0x6b560  OneDriveSetup - ok
09:23:48.0862 0x6b560  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:49.0050 0x6b560  OneDriveSetup - ok
09:23:49.0072 0x6b560  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\hochs\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:23:49.0091 0x6b560  OneDrive - ok
09:23:49.0095 0x6b560  [ B8B49465436831BCAB9240153CC7E81E, 201C82AE84D15D39D087D62051E5547E982890ED344E73C77F8AE1302B1A495F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
09:23:49.0102 0x6b560  iCloudServices - ok
09:23:49.0124 0x6b560  [ DE2E1198B4D01AA71F35350BEECFA519, 51806EE62498D989B47781C716BF41797B922B070AE939EDBF971C666C324BB2 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
09:23:49.0153 0x6b560  AppleIEDAV - ok
09:23:49.0159 0x6b560  [ C4DA7E331F756620CD18FF925D2597C1, 0FBEA1A3D688263D7A9DC8E08E91AC8198CF1B37E781DFDE2603ECE3BD768415 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
09:23:49.0167 0x6b560  iCloudDrive - ok
09:23:49.0176 0x6b560  [ E70B52CB164F306F938712D50E6402D1, 51A53C8D4C623118B5189F2EDAC5F27853E1FE74FAA762CFEE2B6A5FD45932DC ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
09:23:49.0190 0x6b560  iCloudPhotos - ok
09:23:49.0191 0x6b560  Adobe Acrobat Synchronizer - ok
09:23:49.0241 0x6b560  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
09:23:49.0298 0x6b560  HP Officejet 6700 (NET) - ok
09:23:49.0378 0x6b560  [ EE5509111E1E0A2ADDB394D97BDB4F26, 8E4633E819CB202A1882FAD4E977D24678800022BF71DFF6634B47EC60FB7FDC ] C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
09:23:49.0474 0x6b560  AudialsNotifier - ok
09:23:49.0559 0x6b560  [ A4E63989975DB877275CA3C77A0B301E, 2F0C9F08A2113C7DA2EF4581271BE73ECFA9CBC54F7B181841E7FF765538E011 ] C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
09:23:49.0666 0x6b560  Bria 4 - ok
09:23:49.0675 0x6b560  [ 72EC72C46C46D41CFB1C08418CE08725, 40DE136C69D8F3F2762C30F35E0F7B1BB62F099BA4F33401163EE13DE93F9BE5 ] C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe
09:23:49.0690 0x6b560  Yahoo Messenger Updater - ok
09:23:49.0692 0x6b560  Yahoo Messenger - ok
09:23:49.0852 0x6b560  [ 16FC969FA39003941452B3E7C8B35BDF, 875C881C54AB5D75DBBC7B9CA0D5E629417365DF53FDD4498A7DE657762F97F8 ] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
09:23:50.0152 0x6b560  Free Download Manager - detected UnsignedFile.Multi.Generic ( 1 )
09:23:50.0190 0x6b560  Detect skipped due to KSN trusted
09:23:50.0190 0x6b560  Free Download Manager - ok
09:23:50.0210 0x6b560  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
09:23:50.0243 0x6b560  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
09:23:50.0276 0x6b560  Detect skipped due to KSN trusted
09:23:50.0276 0x6b560  SpybotPostWindows10UpgradeReInstall - ok
09:23:50.0280 0x6b560  [ F50F291B426BC96CBC756E6E3767289D, 66A918A6FB2DBFC8351317C074553B1ABDCA15FF934F91EBED9AB234819C2EA2 ] C:\Program Files (x86)\Sticky Password\stpass.exe
09:23:50.0287 0x6b560  StickyPassword - ok
09:23:50.0290 0x6b560  [ F50F291B426BC96CBC756E6E3767289D, 66A918A6FB2DBFC8351317C074553B1ABDCA15FF934F91EBED9AB234819C2EA2 ] C:\Program Files (x86)\Sticky Password\stpass.exe
09:23:50.0297 0x6b560  StickyPassword - ok
09:23:50.0445 0x6b560  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:23:50.0642 0x6b560  OneDriveSetup - ok
09:23:50.0660 0x6b560  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
09:23:50.0692 0x6b560  WAB Migrate - ok
09:23:50.0693 0x6b560  Waiting for KSN requests completion. In queue: 27
09:23:51.0703 0x6b560  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.19.163 ), 0x41000 ( enabled : updated )
09:23:51.0703 0x6b560  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x60100 ( disabled : updated )
09:23:51.0706 0x6b560  Win FW state via NFP2: enabled ( trusted )
09:23:51.0776 0x6b560  ============================================================
09:23:51.0776 0x6b560  Scan finished
09:23:51.0776 0x6b560  ============================================================
09:23:51.0781 0x6b738  Detected object count: 1
09:23:51.0781 0x6b738  Actual detected object count: 1
09:24:36.0757 0x6b738  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
09:24:36.0757 0x6b738  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 07.09.2016, 13:15   #6
Deathkid535
/// Malwareteam
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Hi,

Schritt # 1: MBAM

Lade dir, falls nicht schon vorhanden, Malwarebytes Anti-Malware herunter, installiere und starte es.
  • Gehe in die Einstellungen, unter Erkennung und Schutz und setze den Haken für Suche nach Rootkits
  • Wechsle ins Amaturenbrett und klicke auf Jetzt Scannen
  • Nachdem der Suchlauf abgeschlossen ist, verschiebe alle vorhandenen Funde in die Quarantäne.
  • Nachdem der PC neu gestartet hat, findest du unter dem Punkt Verlauf dein Logfile. Poste mir dieses hier.



Schritt # 2: AdwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt # 3: FRST

Und noch ein frisches FRST-Log bitte.



Schritt # 4: Bitte Posten
  • Das Log von MBAM
  • Das Log von AdwCleaner
  • Das frische FRST-Log
__________________
--> Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus

Alt 07.09.2016, 16:30   #7
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Hier das Log von MBAN



Lieber Dennis

Danke für deine Hilfe, hier das Log von MBAN :

Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/09/07 16:49:35 +0200</date>
<logfile>mbam-log-2016-09-07 (16-49-14).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.09.07.06</malware-database>
<rootkit-database>v2016.08.15.01</rootkit-database>
<license>premium</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>DESKTOP-GBIJB17</hostname>
<ip>192.168.1.20</ip>
<osversion>Windows 10</osversion>
<arch>x64</arch>
<username>admin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>428196</objects>
<time>333</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
         
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.162743+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="eba49f95-1fe1-4b0c-b5b8-97b646a9390f" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.167747+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="85c85f3e-74cc-4b67-9086-15b22c866286" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:17.182749+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="e02deb65-b4f8-4a65-bb59-c64a441b201a" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:18.063509+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="3e74c914-ad71-493f-8ed6-d2f5d755bbf5" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.425455+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.12.1" last_modified_tag="f5959d8a-3754-40f5-9f47-0ba3dcc9d19f" name="Remediation Database" toVersion="2016.8.31.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.461983+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.8.1" last_modified_tag="9394d191-8473-4287-94d7-9679fe061489" name="Rootkit Database" toVersion="2016.8.15.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.475657+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.8.1" last_modified_tag="fe3f1cdb-beba-450d-ba81-1bf5e47973b4" name="IP Database" toVersion="2016.9.7.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:33.631273+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.16.8" last_modified_tag="10fa6932-c2e8-4c54-b9fe-78cc90a6ee3f" name="Domain Database" toVersion="2016.9.7.3"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-09-07T16:49:35.857218+02:00" source="Manual" type="Update" username="SYSTEM" systemname="DESKTOP-GBIJB17" fromVersion="2016.2.16.6" last_modified_tag="d215d326-05f3-4de6-a9f5-84b1448d37bc" name="Malware Database" toVersion="2016.9.7.6"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:35.883253+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="6f5a4e8b-eff7-4343-84f3-f9b50979e8f6" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:35.889244+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="89034231-18b0-4c89-8dcb-9f755ab6a32c" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:36.175099+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="d606d382-2517-47aa-b136-13517df998be" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:40.437247+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="df4dde4f-f08a-4edf-b1bb-d8ca1f5af30e" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:40.448243+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="bd4ce68e-70d6-4a8e-adee-07b8b2036355" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:49:41.933872+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="6a741642-f842-4485-8cc0-4484f4e1a671" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-09-07T16:49:35+02:00" datetime="2016-09-07T16:55:09.372561+02:00" source="Context" type="Scan" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="71da74eb-3a63-4e33-bfce-e4f0e9b43dc2" duration="333" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.303397+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="ba6251ed-5892-483d-ba1e-a8d59b4b2ce0" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.309414+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="c8acf483-bd69-4ce9-b322-d66bf3de45ba" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:48.326412+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="5a6e221b-62a3-48fe-8ad3-8010023a98ee" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-09-07T16:57:49.783248+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="DESKTOP-GBIJB17" last_modified_tag="3a457452-0e04-48c2-a92f-71e078bf3907" result="Started" subtype="Malicious Website Protection"></record>
</logs>
         
Hier das Log von Adw Cleaner :

Code:
ATTFilter
# AdwCleaner v6.010 - Bericht erstellt am 07/09/2016 um 17:06:12
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-06.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : admin - DESKTOP-GBIJB17
# Gestartet von : C:\Users\hochs\Downloads\AdwCleaner_6.010.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Program Files (x86)\Common Files\freemake shared


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKU\.DEFAULT\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\INSTALLPATH\STATUS
Schlüssel Gefunden: HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-18\Software\OCS
Schlüssel Gefunden: HKCU\Software\OCS


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

\AdwCleaner\AdwCleaner[C1].txt - [13018 Bytes] - [08/08/2016 17:17:07]
\AdwCleaner\AdwCleaner[C2].txt - [2328 Bytes] - [16/08/2016 23:35:07]
\AdwCleaner\AdwCleaner[C3].txt - [1921 Bytes] - [28/08/2016 11:22:54]
\AdwCleaner\AdwCleaner[S1].txt - [12596 Bytes] - [08/08/2016 17:15:53]
\AdwCleaner\AdwCleaner[S2].txt - [2288 Bytes] - [16/08/2016 23:32:17]
\AdwCleaner\AdwCleaner[S3].txt - [2361 Bytes] - [16/08/2016 23:34:29]
\AdwCleaner\AdwCleaner[S4].txt - [1876 Bytes] - [28/08/2016 11:17:50]
\AdwCleaner\AdwCleaner[S5].txt - [1949 Bytes] - [28/08/2016 11:22:02]
\AdwCleaner\AdwCleaner[S6].txt - [2123 Bytes] - [07/09/2016 17:06:12]

########## EOF - \AdwCleaner\AdwCleaner[S6].txt - [2194 Bytes] ##########
         
Hier das Log von FRST :
[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von hochs (ACHTUNG: der Benutzer ist kein Administrator) auf DESKTOP-GBIJB17 (07-09-2016 17:14:12)
Gestartet von C:\Users\hochs\Downloads
Geladene Profile: hochs (Verfügbare Profile: hochs & admin & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> schedul2.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> AdminService.exe
konnte nicht auf den Prozess zugreifen -> Avira.VpnService.exe
konnte nicht auf den Prozess zugreifen -> Avira.SoftwareUpdater.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> chip 1-click installer.exe
konnte nicht auf den Prozess zugreifen -> BitBoxService.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> TeamViewer_Service.exe
konnte nicht auf den Prozess zugreifen -> app_updater.exe
konnte nicht auf den Prozess zugreifen -> Avira.SystemSpeedup.SpeedupService.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe
konnte nicht auf den Prozess zugreifen -> afcdpsrv.exe
konnte nicht auf den Prozess zugreifen -> ManyCamService.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkManagerDMS.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> Ath_CoexAgent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UsbClientService.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> mms_mini.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkDMS.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> avmailc7.exe
konnte nicht auf den Prozess zugreifen -> avwebg7.exe
konnte nicht auf den Prozess zugreifen -> GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
konnte nicht auf den Prozess zugreifen -> HPSupportSolutionsFrameworkService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_server.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_status_server.exe
konnte nicht auf den Prozess zugreifen -> syncagentsrv.exe
konnte nicht auf den Prozess zugreifen -> LiveTunerService.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat [100 2016-09-07] () <===== ACHTUNG
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe"
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)

Edge:
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm []

FireFox:
========
FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default
FF Homepage: hxxps://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26]
FF Extension: (SetupVPN) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\@setupvpncom.xpi [2016-09-02]
FF Extension: (Avira Browser Safety) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\abs@avira.com [2016-09-01]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26]
FF Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\safesearchplus2@avira.com [2016-09-01]
FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz
FF Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz [2016-09-02]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden

Chrome:
=======
CHR HomePage: Default -> hxxps://startseite.com/
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch
CHR DefaultSearchKeyword: Default -> https://startpage.com
CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15]
CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07]
CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15]
CHR Extension: (Avira Browserschutz) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27]
CHR Extension: (Disconnect Search) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2016-09-02]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2016-09-02]
CHR Extension: (Disconnect) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2016-09-02]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaafoaobjaplofpihlhbcbcjhmgnjplf [2016-09-02]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23]
CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15]
CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect)
S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-07 17:14 - 2016-09-07 17:14 - 00039554 _____ C:\Users\hochs\Downloads\FRST.txt
2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe
2016-09-07 17:03 - 2016-09-07 17:03 - 03826240 _____ C:\Users\hochs\Downloads\AdwCleaner_6.010.exe
2016-09-07 16:49 - 2016-09-07 16:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 16:49 - 2016-09-07 16:49 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 16:49 - 2016-09-07 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-09-07 16:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 16:47 - 2016-09-07 16:48 - 22851472 _____ (Malwarebytes ) C:\Users\hochs\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-05 20:21 - 2016-09-05 20:30 - 00000000 ____D C:\Users\hochs\Downloads\okindoft.mkv - hd-area.org
2016-09-05 18:43 - 2016-09-06 18:45 - 00000000 ____D C:\Users\hochs\Downloads\Overkill.Durch.die.Hoelle.zur.Ewigkeit.1980.German.720p.BluRay.x264-GMA - filecrypt.cc
2016-09-04 17:18 - 2016-09-04 17:20 - 00000000 ____D C:\Users\hochs\Downloads\Rampage.President.Down.German.2016.AC3.BDRip.x264-COiNCiDENCE - filecrypt.cc
2016-09-04 14:39 - 2016-09-04 14:44 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.XViD-MULTiPLEX - filecrypt.cc
2016-09-04 14:23 - 2015-12-18 19:48 - 00000000 ____D C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portable
2016-09-04 14:22 - 2016-09-04 14:23 - 67134548 _____ C:\Users\hochs\Downloads\SolveigMM_Video_Splitter_5.2.1512.16_Business_Edition_&_Portable.rar
2016-09-04 14:06 - 2016-09-04 14:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Solveig Multimedia
2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:05 - 35725504 _____ (Solveig Multimedia ) C:\Users\hochs\Downloads\SolveigMM_AVI_Trimmer_5_0_1603_23.exe
2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk
2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Haenlein-Software
2016-09-04 13:55 - 2016-09-04 13:55 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21 (1).exe
2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3
2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk
2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3
2016-09-04 13:53 - 2016-09-04 13:53 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21.exe
2016-09-04 13:15 - 2016-09-04 13:24 - 1430589050 _____ C:\Users\hochs\Downloads\Die_Mothman_Prophezeiungen_16.09.03_20-15_zdfneo_115_TVOON_DE.mpg.HD.avi
2016-09-04 13:10 - 2016-09-04 13:24 - 45314000 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4
2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk
2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager
2016-09-04 12:31 - 2016-09-04 12:33 - 07070852 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.crdownload
2016-09-04 12:19 - 2016-09-04 12:32 - 3008565993 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.fdmdownload
2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView
2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar
2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe
2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt
2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command
2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung
2016-09-04 11:56 - 2016-09-04 11:56 - 01474568 _____ C:\Users\hochs\Downloads\MediathekView - CHIP-Installer.exe
2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip
2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0
2016-09-04 11:25 - 2016-09-04 11:25 - 01678787 _____ (BeeThink SoftWare, Inc. ) C:\Users\hochs\Downloads\BeeThink_SpyDetector2.0_setup.exe
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DVDVideoSoft
2016-09-04 06:12 - 2016-09-04 06:12 - 01222600 _____ (AVM Software Inc.) C:\Users\hochs\Downloads\pal_install_r132144.exe
2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-09-03 11:03 - 2016-09-03 11:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WhatsApp
2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt
2016-09-03 09:21 - 2016-09-03 09:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Downloads\tdsskiller.exe
2016-09-03 08:37 - 2016-09-03 08:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo!
2016-09-02 23:24 - 2016-09-02 23:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HpUpdate
2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser
2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows
2016-09-02 18:08 - 2016-09-02 18:10 - 71515456 _____ (Disconnect) C:\Users\hochs\Downloads\Disconnect+Desktop.exe
2016-09-02 13:58 - 2016-09-02 14:02 - 00000000 ____D C:\Users\hochs\Downloads\tpdhso
2016-09-02 12:12 - 2016-09-02 13:00 - 00000000 ___RD C:\Users\hochs\Downloads\Schrei.wenn.der.Tingler.kommt.1959.German.720p.BluRay.x264-iFPD
2016-09-02 12:12 - 2016-09-02 12:12 - 68821442 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part23.rar
2016-09-02 12:12 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part22.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part21.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part20.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part19.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part18.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part17.rar
2016-09-02 12:11 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part16.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part15.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part14.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part13.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part12.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part11.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part10.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part09.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part08.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part07.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part06.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part05.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part03.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part04.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part02.rar
2016-09-02 12:08 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part01.rar
2016-09-02 12:05 - 2016-09-02 12:05 - 00006896 _____ C:\Users\hochs\Downloads\29e105b4b84827c1a7694d1a138117dd9c84549f.dlc
2016-09-02 10:30 - 2016-09-02 10:31 - 91468472 _____ (Adobe Systems Incorporated) C:\Users\hochs\Downloads\AcroRdrDC1501720050_de_DE.exe
2016-09-02 10:29 - 2016-09-02 10:29 - 00134646 _____ C:\Users\hochs\Downloads\Offerte P-2017 Urs Hochstrasser neu.pdf
2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira
2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-09-02 03:32 - 2016-09-02 03:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Lamantine
2016-09-02 03:30 - 2016-09-07 02:50 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2016-09-02 03:28 - 2016-09-02 03:29 - 30170336 _____ (Lamantine Software ) C:\Users\hochs\Downloads\StickyPassword_rev808116.exe
2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin
2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten
2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup
2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache
2016-09-01 16:16 - 2016-09-01 16:19 - 00000000 ____D C:\Users\hochs\Downloads\86updajulfg3s5d4f
2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-09-01 16:04 - 2016-09-01 17:37 - 00000000 ___HD C:\Users\hochs\Downloads\.ptmp121163
2016-09-01 15:42 - 2016-09-01 15:48 - 00000000 ____D C:\Users\hochs\Downloads\Der.Gendarm.vom.Broadway.1965.GERMAN.DL.720p.HDTV.x264-CDD - filecrypt.cc
2016-09-01 15:23 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Avira
2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-09-01 15:10 - 2016-09-01 15:11 - 225639816 _____ C:\Users\hochs\Downloads\avira_antivirus_de-de.exe
2016-09-01 14:44 - 2016-09-01 14:44 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de(1).exe
2016-09-01 14:43 - 2016-09-01 14:43 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de.exe
2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-01 14:30 - 2016-09-01 14:30 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_57c81f542973f__ws.exe
2016-09-01 14:28 - 2016-09-01 14:28 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de(1).exe
2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk
2016-09-01 14:17 - 2016-09-01 14:17 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de.exe
2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL
2016-09-01 14:12 - 2016-09-01 14:13 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_3021944647_ciukpe49j82kusl080x2_wd.exe
2016-09-01 14:09 - 2016-09-01 14:09 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_issudl_3010720132__ws.exe
2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira
2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-09-01 13:51 - 2016-09-07 17:08 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-01 13:51 - 2016-09-01 13:51 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_atss0_3021944647_tuea2maioyrais5w1baz_wd.exe
2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin
2016-09-01 13:14 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Kirschblueten.und.rote.Bohnen.2015.German.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc
2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 12:45 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Schweinskopf.Al.Dente.2016.TS.MD.German.XViD-SLiMER - filecrypt.cc
2016-09-01 11:22 - 2016-09-01 11:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\QuickScan
2016-09-01 11:15 - 2016-09-01 11:16 - 80334050 _____ C:\Users\hochs\Downloads\openatv-5.3-vusolose-20160901_usb.zip
2016-09-01 08:39 - 2016-09-01 08:39 - 01065376 _____ (Google Inc.) C:\Users\hochs\Downloads\ChromeSetup.exe
2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-01 08:37 - 2016-09-01 08:37 - 00000826 _____ C:\Users\hochs\Downloads\Preferences.xml
2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 08:32 - 2016-09-01 08:32 - 00071464 _____ C:\Users\hochs\Downloads\2016_08_31-1-Kontoauszug.pdf
2016-09-01 07:19 - 2016-09-01 07:19 - 00004944 _____ C:\Users\hochs\Downloads\DISKSTATION216_20160901.dss
2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

Alt 07.09.2016, 16:31   #8
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



FRST Log Teil 2
Code:
ATTFilter
2016-09-01 02:29 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 02:29 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 02:29 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 02:29 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 02:29 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-01 02:29 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 02:29 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-01 02:29 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 02:29 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 02:29 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 02:29 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 02:29 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 02:29 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-01 02:09 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Desktop\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin
2016-09-01 02:08 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Downloads\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin
2016-09-01 01:36 - 2016-09-01 01:37 - 08780008 _____ C:\Users\hochs\Downloads\TVCSUTSetup_V1.0.0.2.exe
2016-09-01 01:03 - 2016-09-01 01:03 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-01 01:03 - 2016-09-01 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-01 01:02 - 2016-09-01 01:02 - 30533688 _____ C:\Users\hochs\Downloads\vlc-2.2.4-win32.exe
2016-09-01 01:02 - 2016-09-01 01:02 - 30533688 _____ C:\Users\hochs\Downloads\vlc-2.2.4-win32(1).exe
2016-09-01 01:01 - 2016-09-01 01:17 - 00000000 ____D C:\Users\hochs\AppData\Roaming\dvblinkplayer
2016-09-01 01:00 - 2016-09-01 01:01 - 00001401 _____ C:\Users\Public\Desktop\DVBLink Viewer.lnk
2016-09-01 01:00 - 2016-09-01 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBLink
2016-09-01 01:00 - 2016-09-01 01:00 - 00000000 ____D C:\Program Files (x86)\DVBLogic
2016-09-01 00:26 - 2016-09-01 00:26 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0
2016-09-01 00:24 - 2016-09-01 00:24 - 05425856 _____ (Alexander Miehlke Softwareentwicklung ) C:\Users\hochs\Downloads\traxex70.exe
2016-08-31 14:48 - 2016-08-31 14:52 - 1301259155 _____ C:\Users\hochs\Downloads\Mama Macht S Moeglich.mp4
2016-08-31 14:46 - 2016-08-31 14:46 - 00000000 ____D C:\Users\hochs\Downloads\Ein Fall für zwei - Tod eines Leibwächters
2016-08-31 14:41 - 2016-08-31 14:46 - 2414733861 _____ C:\Users\hochs\Downloads\2016-08-26_14.40_ZDFneo_Ein-Fall-fuer-zwei_Schlechte-Karten.mp4
2016-08-31 14:41 - 2016-08-31 14:46 - 2414650592 _____ C:\Users\hochs\Downloads\Ein-Fall-fuer-zwei_Tod-eines-Leibwaechters.mp4
2016-08-31 14:25 - 2016-08-31 14:34 - 2557520455 _____ C:\Users\hochs\Downloads\Besondere Schwere Der Schuld.mp4
2016-08-31 14:25 - 2016-08-31 14:30 - 1626838601 _____ C:\Users\hochs\Downloads\Female Body Inspectors.mp4
2016-08-31 11:44 - 2016-08-31 11:44 - 00241560 _____ C:\Users\hochs\Downloads\160831_WS_P+PRIO+5_SI_1__25172425.pdf
2016-08-31 08:32 - 2016-09-01 10:06 - 00000402 _____ C:\Users\hochs\Downloads\mailpv.cfg
2016-08-31 07:48 - 2016-06-26 12:52 - 00015574 _____ C:\Users\hochs\Downloads\mailpv.chm
2016-08-31 07:48 - 2016-06-26 12:52 - 00010952 _____ C:\Users\hochs\Downloads\readme.txt
2016-08-31 06:32 - 2016-08-31 07:22 - 00000600 _____ C:\Users\hochs\AppData\Roaming\winscp.rnd
2016-08-31 06:10 - 2016-08-31 06:11 - 93009920 _____ C:\Users\hochs\Desktop\PlexMediaServer-1.0.3.2461-35f0caa-x86.spk
2016-08-31 05:48 - 2016-08-31 05:48 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-08-30 20:54 - 2016-08-30 20:54 - 00000270 _____ C:\Users\hochs\Downloads\blank.tif
2016-08-30 19:22 - 2016-08-30 19:22 - 00000151 _____ C:\Users\hochs\Downloads\stream (2).m3u
2016-08-30 19:21 - 2016-08-30 19:21 - 00000151 _____ C:\Users\hochs\Downloads\stream.m3u
2016-08-30 19:21 - 2016-08-30 19:21 - 00000151 _____ C:\Users\hochs\Downloads\stream (1).m3u
2016-08-30 18:28 - 2016-08-30 18:29 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStation
2016-08-30 18:28 - 2016-08-30 18:28 - 00001368 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk
2016-08-30 18:25 - 2016-08-30 18:27 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStationBackup
2016-08-30 18:25 - 2016-08-30 18:25 - 00001410 _____ C:\Users\Public\Desktop\Synology Cloud Station Backup.lnk
2016-08-30 18:25 - 2016-08-30 18:25 - 00000042 ____H C:\Users\hochs\.uuid
2016-08-30 14:17 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Open.Road.Wohin.wird.der.Weg.sie.fuehren.2013.German.DL.1080p.BluRay.x264-CONTRiBUTiON - hd-area.org
2016-08-30 13:53 - 2016-08-30 13:54 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Paltalk
2016-08-30 13:53 - 2016-08-30 13:53 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-08-30 09:18 - 2016-08-30 09:19 - 00313742 _____ C:\TDSSKiller.3.1.0.11_30.08.2016_09.18.51_log.txt
2016-08-30 09:18 - 2016-08-30 09:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Desktop\tdsskiller.exe
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\Program Files (x86)\Synology
2016-08-30 02:57 - 2016-08-30 02:57 - 00001248 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2016-08-30 02:57 - 2016-08-30 02:57 - 00000000 ____D C:\ProgramData\Synology
2016-08-30 02:22 - 2016-09-01 16:49 - 00000000 ____D C:\Users\hochs\Downloads\AdobeAcrobatXIPro11 0 17ISOPentiumXForce
2016-08-30 02:17 - 2016-08-30 02:22 - 00000000 ____D C:\Users\hochs\Downloads\share-online.biz
2016-08-30 01:23 - 2016-08-30 01:23 - 00531368 _____ (Simon Tatham) C:\Users\hochs\Downloads\putty.exe
2016-08-30 01:23 - 2016-08-30 01:23 - 00334760 _____ (Simon Tatham) C:\Users\hochs\Downloads\puttytel.exe
2016-08-29 18:31 - 2016-08-29 18:32 - 00000000 ___RD C:\Users\hochs\Downloads\Guernica.German.2016.AC3.DVDRiP.x264-SAViOUR
2016-08-29 17:14 - 2016-08-29 17:14 - 00000000 ____D C:\Users\hochs\Desktop\Unpacked
2016-08-29 16:39 - 2016-08-29 18:33 - 00003637 _____ C:\Users\hochs\Downloads\Load.ini
2016-08-29 16:39 - 2016-08-29 16:41 - 00000000 ____D C:\Users\hochs\Downloads\Data
2016-08-29 16:36 - 2016-08-29 18:30 - 00000000 ____D C:\Users\hochs\AppData\Roaming\PeaZip
2016-08-29 16:35 - 2016-08-29 16:36 - 04806656 _____ (CandiSoft) C:\Users\hochs\Downloads\Load.exe
2016-08-29 16:35 - 2016-08-29 16:36 - 00221176 _____ (Alexander Roshal) C:\Users\hochs\Downloads\unrar.dll
2016-08-29 16:35 - 2016-08-29 16:36 - 00128000 _____ C:\Users\hochs\Downloads\reconnect.s3db
2016-08-29 16:35 - 2016-08-29 16:35 - 17498429 _____ C:\Users\hochs\Downloads\CandiSoft_Load_0.7.5.zip
2016-08-29 16:35 - 2015-06-05 22:39 - 02732032 _____ (CandiSoft) C:\Users\hochs\Downloads\Update.exe
2016-08-29 16:35 - 2015-06-05 22:39 - 01359872 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\hochs\Downloads\libeay32.dll
2016-08-29 16:35 - 2015-06-05 22:39 - 00355328 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\hochs\Downloads\ssleay32.dll
2016-08-29 16:35 - 2015-01-14 01:54 - 00344064 _____ C:\Users\hochs\Downloads\sqlite3.dll
2016-08-29 16:01 - 2016-09-06 18:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\KeePass
2016-08-29 16:00 - 2016-08-29 16:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WinRAR
2016-08-29 15:58 - 2016-08-29 16:06 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2016-08-29 15:58 - 2016-08-29 15:58 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2016-08-29 15:58 - 2016-08-29 15:58 - 00001189 _____ C:\Users\hochs\Desktop\KeePass 2.lnk
2016-08-29 10:28 - 2016-09-07 16:57 - 00000000 ____D C:\Users\hochs\Downloads\www.m-kraehenmann.ch
2016-08-29 10:09 - 2016-09-02 04:01 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Kodi
2016-08-29 09:57 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Jason.Bourne.TS.LD.German.x264-PsO - filecrypt.cc
2016-08-28 19:46 - 2016-08-28 19:46 - 00000000 ____D C:\Users\hochs\AppData\Roaming\PDAppFlex
2016-08-28 19:03 - 2016-08-28 19:03 - 00000000 ____D C:\Users\hochs\AppData\Local\enchant
2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Hewlett-Packard
2016-08-28 18:11 - 2016-09-04 13:55 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HexChat
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\Program Files\HexChat
2016-08-28 16:49 - 2016-08-28 16:49 - 00000000 ____D C:\Users\hochs\AppData\Roaming\TeamViewer
2016-08-28 14:02 - 2016-08-31 07:27 - 00519917 _____ C:\WINDOWS\system32\Drivers\etc\hosts.hitmanpro
2016-08-28 13:48 - 2016-08-28 13:48 - 00490651 _____ C:\Users\hochs\AppData\Local\census.cache
2016-08-28 13:48 - 2016-08-28 13:48 - 00187693 _____ C:\Users\hochs\AppData\Local\ars.cache
2016-08-28 13:46 - 2016-09-06 18:47 - 00000000 ____D C:\Users\hochs\AppData\Roaming\vlc
2016-08-28 13:41 - 2016-08-28 13:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Macromedia
2016-08-28 13:29 - 2016-08-28 13:29 - 00000036 _____ C:\Users\hochs\AppData\Local\housecall.guid.cache
2016-08-28 13:29 - 2016-08-28 13:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Macromedia
2016-08-28 13:22 - 2016-08-31 11:42 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DMCache
2016-08-28 12:08 - 2016-08-28 12:08 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-28 11:25 - 2016-09-01 08:40 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Adobe
2016-08-28 11:19 - 2016-08-28 11:19 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Atheros
2016-08-28 11:05 - 2016-09-01 13:36 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-08-28 10:48 - 2016-09-07 17:14 - 00000000 ____D C:\FRST
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part6.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part5.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part4.rar
2016-08-28 10:13 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part3.rar
2016-08-28 10:13 - 2016-08-28 10:13 - 54107190 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part7.rar
2016-08-28 10:12 - 2016-08-28 10:14 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part1.rar
2016-08-28 10:12 - 2016-08-28 10:13 - 157286400 _____ C:\Users\hochs\Downloads\CAAINUGENVGANCCRG.part2.rar
2016-08-28 10:07 - 2016-08-28 10:07 - 00002756 _____ C:\Users\hochs\Downloads\333179792d081560db7da4895d27228227acbdda.dlc
2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle
2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-28 09:39 - 2016-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-28 09:39 - 2016-09-01 15:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-28 03:09 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-28 03:09 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-28 03:09 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-28 03:09 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-28 03:09 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-28 03:09 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-28 03:09 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-28 03:09 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-28 03:09 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-28 03:09 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-28 03:09 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-28 03:09 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-28 03:09 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-28 03:09 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-28 03:09 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-28 03:09 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-28 03:09 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-28 03:09 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-28 03:09 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-28 03:09 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-28 03:09 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-28 03:08 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-28 03:08 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-28 03:08 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-28 03:08 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-28 03:08 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-28 03:08 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-28 03:08 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-28 03:08 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-28 03:08 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-28 03:08 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-28 03:08 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-28 03:08 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-28 03:08 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-28 03:08 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-28 03:08 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-28 03:08 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-28 03:08 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-28 03:08 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-28 03:08 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-28 03:08 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-28 03:08 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-28 03:08 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-28 03:08 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-28 03:08 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-28 03:08 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-28 03:08 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-28 03:08 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-28 03:08 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-28 03:08 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-28 03:08 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-28 03:08 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-28 03:08 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-28 03:08 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-28 03:08 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-28 03:08 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-28 03:08 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-28 03:08 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-28 02:26 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\home_made_pro_am_pussy_4_720p.mp4 - hd-area.org
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229.dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (3).dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (2).dlc
2016-08-28 02:23 - 2016-08-28 02:23 - 00002992 _____ C:\Users\hochs\Downloads\dad82ff837cf7d22a95974c8353b6eeba7879229 (1).dlc
2016-08-28 02:22 - 2016-08-28 02:22 - 00013755 _____ C:\Users\hochs\Downloads\helper.html
2016-08-28 01:41 - 2016-09-01 00:22 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-08-28 01:41 - 2016-08-31 11:44 - 00000000 ____D C:\Users\hochs\AppData\Roaming\IDM
2016-08-28 01:41 - 2016-08-31 07:05 - 00000000 ____D C:\Users\hochs\Downloads\Video
2016-08-28 01:41 - 2016-08-29 16:00 - 00000000 ____D C:\Users\hochs\Downloads\Compressed
2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 _____ C:\Users\hochs\Downloads\Download.htm
2016-08-28 01:39 - 2016-08-28 01:41 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre.exe
2016-08-28 01:39 - 2016-08-28 01:39 - 06895345 _____ (Tonec Inc.) C:\Users\hochs\Downloads\IDM_Pre (1).exe
2016-08-28 01:38 - 2016-08-28 01:38 - 00000000 _____ C:\Users\hochs\Downloads\da9e.tmp
2016-08-28 01:35 - 2016-08-28 01:35 - 00000000 ____D C:\Users\hochs\Downloads\Internet Download Manager 6 25 Build 25 Pre-Activated
2016-08-28 01:29 - 2016-08-28 01:29 - 00000196 _____ C:\Users\hochs\Downloads\a6dbb02e-c968-40a7-899f-d43a357ae8b4.htm
2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload
2016-08-28 01:26 - 2016-08-28 01:26 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload
2016-08-28 01:25 - 2016-08-28 01:25 - 03875576 _____ C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d.dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (3).dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (2).dlc
2016-08-28 01:20 - 2016-08-28 01:20 - 00004440 _____ C:\Users\hochs\Downloads\e7b3c70dacfd72a5689c890d8fbb75d688f8b75d (1).dlc
2016-08-28 01:15 - 2016-09-04 12:32 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager
2016-08-27 20:41 - 2016-08-27 20:42 - 00000000 ____D C:\Users\hochs\Downloads\Cuban.Fury.Echte.Maenner.tanzen.German.2014.AC3.BDRip.x264-FRACTAL
2016-08-27 20:39 - 2016-08-27 20:39 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388 (1).dlc
2016-08-27 20:38 - 2016-08-27 20:38 - 00003480 _____ C:\Users\hochs\Downloads\5b1f9ae276247c172704601f80fd4f7e6cdb3388.dlc
2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader
2016-08-27 20:36 - 2016-08-27 20:37 - 02452082 _____ (Star Downloader) C:\Users\hochs\Downloads\sdfree.exe
2016-08-27 20:32 - 2016-09-04 14:46 - 00000000 ____D C:\Users\hochs\Downloads\Star Trek Beyond (2016)
2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-08-27 20:10 - 2016-08-27 20:11 - 31335352 _____ (Open Media LLC ) C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe
2016-08-27 20:04 - 2016-08-27 20:04 - 00003113 _____ C:\Users\hochs\Downloads\ardmediathek.host
2016-08-27 19:52 - 2016-08-27 19:52 - 00003149 _____ C:\Users\hochs\Downloads\zdfmediathek.host
2016-08-27 11:56 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\The.Mechanic.2.Resurrection.2016.TS.MD.German.x264-PS - filecrypt.cc
2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic
2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7
2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Users\hochs\Downloads\Bitdefender Safepay
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7
2016-08-27 08:47 - 2016-08-27 08:47 - 00418464 _____ C:\Users\hochs\Downloads\SecureSafe-Recovery-Code.pdf
2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo
2016-08-27 08:07 - 2016-08-27 08:08 - 28473112 _____ (Ashampoo GmbH & Co. KG ) C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe
2016-08-27 05:34 - 2015-11-11 13:56 - 00043618 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.dll
2016-08-27 05:34 - 2015-11-11 13:56 - 00029361 ____N C:\Users\hochs\Downloads\manual_installation_guidequalcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.pdf
2016-08-27 05:34 - 2015-11-11 13:56 - 00005159 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_6301.sys
2016-08-27 05:34 - 2015-11-11 13:56 - 00003638 ____N C:\Users\hochs\Downloads\READ-ME.txt
2016-08-27 05:34 - 2015-11-11 13:56 - 00001474 ____N C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630.cat
2016-08-27 05:33 - 2016-08-27 05:33 - 00031404 _____ C:\Users\hochs\Downloads\qualcomm_atheros_ar8171_8175_pci_e_gigabit_ethernet_controller_ndis_630_driver.zip
2016-08-27 04:55 - 2016-08-27 04:55 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\hochs\Downloads\SlimDrivers-setup.exe
2016-08-27 04:40 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\lhd-hwahrheit-1080p.mkv - hd-area.org
2016-08-27 04:21 - 2016-08-27 04:49 - 00000000 ____D C:\Users\hochs\Downloads\Nichts.mehr.wie.vorher.German.2013.AC3.DVDRip.x264-iMPERiUM - filecrypt.cc
2016-08-26 18:00 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Wie.Klaut.Man.Eine.Million.German.DL.1966.HDTV.720p.x264.AC3-msd - hd-area.org
2016-08-26 17:50 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Dafranosuri
2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-08-26 16:03 - 2016-09-04 14:28 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass
2016-08-26 15:57 - 2016-08-26 15:57 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Mozilla
2016-08-26 11:43 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Crouching.Tiger.Hidden.Dragon.Sword.of.Destiny.2016.German.Dubbed.DL.2160p.WEB-DL.x264-NIMA4K
2016-08-25 19:45 - 2016-08-26 11:41 - 00000000 ____D C:\Users\hochs\Downloads\Made.in.France.2015.German.1080p.BluRay.x264-ROOR - filecrypt.cc
2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf
2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf
2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat
2016-08-23 19:03 - 2016-08-24 20:04 - 00000000 ____D C:\Users\hochs\Downloads\xan-The.Ardennes-avc.mkv - hd-area.org
2016-08-23 18:53 - 2016-08-24 20:03 - 00000000 ____D C:\Users\hochs\Downloads\kilotwobravo180.mkv - hd-area.org
2016-08-23 18:47 - 2016-08-23 18:51 - 00000000 ____D C:\Users\hochs\Downloads\The.Confirmation.2016.German.AC3.DVDRip.x264-MULTiPLEX - filecrypt.cc
2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment
2016-08-22 20:18 - 2016-08-22 20:32 - 00000000 ____D C:\Users\hochs\Downloads\Riff.Piraten.1939.German.DL.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc
2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort
2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-21 16:07 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Der.Wert.des.Menschen.German.2015.DL.PAL.DVDR-SAViOUR - filecrypt.cc
2016-08-21 15:59 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Nick.Knattertons.Abenteuer.Der.Raub.der.Gloria.Nylon.1959.German.BDRip.x264-MONOBiLD - filecrypt.cc
2016-08-21 13:45 - 2016-08-21 13:45 - 00000000 ____D C:\Users\hochs\Downloads\Unterschrift
2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer
2016-08-20 19:13 - 2016-08-22 20:17 - 00000000 ____D C:\Users\hochs\Downloads\Suicide.Squad.TS.MD.GERMAN.x264-KarlsKrone - filecrypt.cc
2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub
2016-08-20 14:01 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-18 18:24 - 2016-09-07 17:07 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger
2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger
2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in
2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE
2016-08-17 18:30 - 2016-09-01 00:26 - 00000000 ____D C:\Program Files (x86)\TraXEx
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure
2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure
2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:37 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions
2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen
2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient
2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games
2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher
2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS
2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd
2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team
2016-08-08 17:27 - 2016-08-08 17:27 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-08 17:15 - 2016-09-07 17:06 - 00000000 ____D C:\AdwCleaner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-07 17:13 - 2016-07-17 00:51 - 02126288 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-07 17:13 - 2016-07-17 00:51 - 00543366 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-07 17:13 - 2016-05-20 20:58 - 04458916 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-07 17:07 - 2016-08-07 14:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-07 17:07 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive
2016-09-07 17:06 - 2016-06-03 03:46 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-07 16:55 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien
2016-09-07 16:49 - 2016-06-11 01:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-07 07:27 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-07 01:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-06 19:39 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0
2016-09-05 18:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-04 14:26 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 14:26 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-04 14:25 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-04 13:54 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-04 13:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-04 12:07 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs
2016-09-04 11:59 - 2016-07-24 16:54 - 00000000 ____D C:\Users\hochs\.mediathek3
2016-09-04 11:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-04 11:38 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages
2016-09-04 05:15 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance
2016-09-02 13:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-02 09:15 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros
2016-09-02 03:24 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job
2016-09-01 16:26 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-01 16:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-01 16:24 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-01 16:24 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-01 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-01 16:23 - 2016-05-20 21:41 - 00000167 _____ C:\WINDOWS\win.ini
2016-09-01 14:28 - 2016-06-11 05:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-01 13:39 - 2016-06-22 12:03 - 00000000 ____D C:\Program Files\PeerBlock
2016-09-01 13:35 - 2016-08-07 09:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-01 13:11 - 2016-05-20 21:27 - 00075803 _____ C:\bdlog.txt
2016-09-01 10:18 - 2016-08-07 09:09 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-01 10:18 - 2016-08-07 09:09 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-01 08:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe
2016-09-01 08:40 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe
2016-09-01 08:39 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-01 02:26 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-01 01:03 - 2016-05-21 06:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-31 17:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-31 06:34 - 2016-05-29 18:43 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00001161 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00000000 ____D C:\Program Files (x86)\WinSCP
2016-08-30 02:29 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe
2016-08-29 16:36 - 2015-01-14 01:54 - 00000000 ____D C:\Users\hochs\Downloads\Plugins
2016-08-28 14:02 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-08-27 04:28 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-26 16:05 - 2016-07-30 11:57 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla
2016-08-26 15:57 - 2016-07-30 11:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-26 15:57 - 2016-07-30 11:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis
2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple
2016-08-24 03:38 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0
2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google
2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer
2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer
2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge
2016-08-20 10:41 - 2016-08-06 09:27 - 00000000 ____D C:\xampp2
2016-08-20 10:41 - 2016-08-06 09:16 - 00000000 ____D C:\xampp
2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer
2016-08-20 10:37 - 2016-08-06 08:57 - 00000000 ____D C:\Users\hochs\.mythtv
2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms
2016-08-20 07:37 - 2016-08-06 09:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-18 18:26 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp
2016-08-17 01:11 - 2016-08-07 15:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest
2016-08-14 12:18 - 2016-07-31 00:49 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox
2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs
2016-08-09 20:48 - 2016-08-07 14:26 - 00002563 _____ C:\WINDOWS\diagwrn.xml
2016-08-09 20:48 - 2016-08-07 14:26 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-08 20:28 - 2016-08-07 13:51 - 00000000 ____D C:\Windows10Upgrade
2016-08-08 17:17 - 2016-07-05 19:50 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\ProgramData\Lavasoft
2016-08-08 17:17 - 2016-06-22 12:27 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-08-08 16:59 - 2016-08-07 14:29 - 00000000 ____D C:\Users\hochs\AppData\Local\ConnectedDevicesPlatform
2016-08-08 04:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:56 - 2016-08-14 15:56 - 0000022 ___SH () C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-08-31 06:32 - 2016-08-31 07:22 - 0000600 _____ () C:\Users\hochs\AppData\Roaming\winscp.rnd
2016-08-28 13:48 - 2016-08-28 13:48 - 0187693 _____ () C:\Users\hochs\AppData\Local\ars.cache
2016-08-28 13:48 - 2016-08-28 13:48 - 0490651 _____ () C:\Users\hochs\AppData\Local\census.cache
2016-08-28 13:29 - 2016-08-28 13:29 - 0000036 _____ () C:\Users\hochs\AppData\Local\housecall.guid.cache
2016-09-01 13:12 - 2016-09-01 13:12 - 0238909 _____ () C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 13:40 - 2016-09-01 13:40 - 0028335 _____ () C:\ProgramData\1472729999.bdinstall.bin
2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini
2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat


Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\gi34UBJM.exe
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
C:\Users\hochs\AppData\Local\Temp\avgnt.exe
C:\Users\hochs\AppData\Local\Temp\kernel32.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole1797863368897694260.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole2240034186095844922.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole7998053034528165035.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         

Alt 07.09.2016, 16:45   #9
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Log von FRST 1. Teil



Log von FRST 1. Teil

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von hochs (ACHTUNG: der Benutzer ist kein Administrator) auf DESKTOP-GBIJB17 (07-09-2016 17:14:12)
Gestartet von C:\Users\hochs\Downloads
Geladene Profile: hochs (Verfügbare Profile: hochs & admin & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> schedul2.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> AdminService.exe
konnte nicht auf den Prozess zugreifen -> Avira.VpnService.exe
konnte nicht auf den Prozess zugreifen -> Avira.SoftwareUpdater.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> chip 1-click installer.exe
konnte nicht auf den Prozess zugreifen -> BitBoxService.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> TeamViewer_Service.exe
konnte nicht auf den Prozess zugreifen -> app_updater.exe
konnte nicht auf den Prozess zugreifen -> Avira.SystemSpeedup.SpeedupService.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe
konnte nicht auf den Prozess zugreifen -> afcdpsrv.exe
konnte nicht auf den Prozess zugreifen -> ManyCamService.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkManagerDMS.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> Ath_CoexAgent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UsbClientService.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> Samsung Link.exe
konnte nicht auf den Prozess zugreifen -> vss-service-x64.exe
konnte nicht auf den Prozess zugreifen -> mms_mini.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkDMS.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> avmailc7.exe
konnte nicht auf den Prozess zugreifen -> avwebg7.exe
konnte nicht auf den Prozess zugreifen -> GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
konnte nicht auf den Prozess zugreifen -> HPSupportSolutionsFrameworkService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_server.exe
konnte nicht auf den Prozess zugreifen -> mobile_backup_status_server.exe
konnte nicht auf den Prozess zugreifen -> syncagentsrv.exe
konnte nicht auf den Prozess zugreifen -> LiveTunerService.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat [100 2016-09-07] () <===== ACHTUNG
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe" 
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-30] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.0.5.0_neutral__c1wakc4j0nefm []

FireFox:
========
FF ProfilePath: C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default
FF Homepage: hxxps://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (LastPass) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\extensions\support@lastpass.com [2016-08-26]
FF Extension: (SetupVPN) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\@setupvpncom.xpi [2016-09-02]
FF Extension: (Avira Browser Safety) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\abs@avira.com [2016-09-01]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-08-26]
FF Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\safesearchplus2@avira.com [2016-09-01]
FF Extension: (Adblock Plus) - C:\Users\hochs\AppData\Roaming\Mozilla\Firefox\Profiles\52oxieul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-26]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz
FF Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz [2016-09-02]
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxps://startseite.com/
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=opensearch&language=deutsch
CHR DefaultSearchKeyword: Default -> https://startpage.com
CHR Profile: C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15]
CHR Extension: (Google Drive) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (WhatsChrome) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-08-07]
CHR Extension: (YouTube) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Porno-Blocker und Kindersicherung) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenggogncmgefhljmbhbjgfbfjbmpkml [2016-08-15]
CHR Extension: (Avira Browserschutz) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (AdBlock) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27]
CHR Extension: (Disconnect Search) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2016-09-02]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2016-09-02]
CHR Extension: (Disconnect) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2016-09-02]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaafoaobjaplofpihlhbcbcjhmgnjplf [2016-09-02]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-06-23]
CHR Extension: (Chrono Download Manager) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15]
CHR Extension: (Google Mail) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\hochs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect)
S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-07 17:14 - 2016-09-07 17:14 - 00039554 _____ C:\Users\hochs\Downloads\FRST.txt
2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe
2016-09-07 17:03 - 2016-09-07 17:03 - 03826240 _____ C:\Users\hochs\Downloads\AdwCleaner_6.010.exe
2016-09-07 16:49 - 2016-09-07 16:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 16:49 - 2016-09-07 16:49 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 16:49 - 2016-09-07 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-07 16:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 16:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 16:47 - 2016-09-07 16:48 - 22851472 _____ (Malwarebytes ) C:\Users\hochs\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-05 20:21 - 2016-09-05 20:30 - 00000000 ____D C:\Users\hochs\Downloads\okindoft.mkv - hd-area.org
2016-09-05 18:43 - 2016-09-06 18:45 - 00000000 ____D C:\Users\hochs\Downloads\Overkill.Durch.die.Hoelle.zur.Ewigkeit.1980.German.720p.BluRay.x264-GMA - filecrypt.cc
2016-09-04 17:18 - 2016-09-04 17:20 - 00000000 ____D C:\Users\hochs\Downloads\Rampage.President.Down.German.2016.AC3.BDRip.x264-COiNCiDENCE - filecrypt.cc
2016-09-04 14:39 - 2016-09-04 14:44 - 00000000 ____D C:\Users\hochs\Downloads\Star.Trek.Beyond.2016.German.TS.V2.MD.XViD-MULTiPLEX - filecrypt.cc
2016-09-04 14:23 - 2015-12-18 19:48 - 00000000 ____D C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portable
2016-09-04 14:22 - 2016-09-04 14:23 - 67134548 _____ C:\Users\hochs\Downloads\SolveigMM_Video_Splitter_5.2.1512.16_Business_Edition_&_Portable.rar
2016-09-04 14:06 - 2016-09-04 14:29 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Solveig Multimedia
2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:05 - 35725504 _____ (Solveig Multimedia ) C:\Users\hochs\Downloads\SolveigMM_AVI_Trimmer_5_0_1603_23.exe
2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk
2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Haenlein-Software
2016-09-04 13:55 - 2016-09-04 13:55 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21 (1).exe
2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3
2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk
2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3
2016-09-04 13:53 - 2016-09-04 13:53 - 29430176 _____ C:\Users\hochs\Downloads\Setup_DVR-Studio HD 3_3.21.exe
2016-09-04 13:15 - 2016-09-04 13:24 - 1430589050 _____ C:\Users\hochs\Downloads\Die_Mothman_Prophezeiungen_16.09.03_20-15_zdfneo_115_TVOON_DE.mpg.HD.avi
2016-09-04 13:10 - 2016-09-04 13:24 - 45314000 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4
2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk
2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager
2016-09-04 12:31 - 2016-09-04 12:33 - 07070852 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.crdownload
2016-09-04 12:19 - 2016-09-04 12:32 - 3008565993 _____ C:\Users\hochs\Downloads\2016-09-03_20-15_Die-Mothman-Prophezeiungen_zdf-neo_hd.mp4.fdmdownload
2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView
2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar
2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe
2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt
2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command
2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung
2016-09-04 11:56 - 2016-09-04 11:56 - 01474568 _____ C:\Users\hochs\Downloads\MediathekView - CHIP-Installer.exe
2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip
2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0
2016-09-04 11:25 - 2016-09-04 11:25 - 01678787 _____ (BeeThink SoftWare, Inc. ) C:\Users\hochs\Downloads\BeeThink_SpyDetector2.0_setup.exe
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\DVDVideoSoft
2016-09-04 06:12 - 2016-09-04 06:12 - 01222600 _____ (AVM Software Inc.) C:\Users\hochs\Downloads\pal_install_r132144.exe
2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-09-03 11:03 - 2016-09-03 11:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\WhatsApp
2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt
2016-09-03 09:21 - 2016-09-03 09:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Downloads\tdsskiller.exe
2016-09-03 08:37 - 2016-09-03 08:37 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo!
2016-09-02 23:24 - 2016-09-02 23:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\HpUpdate
2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser
2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows
2016-09-02 18:08 - 2016-09-02 18:10 - 71515456 _____ (Disconnect) C:\Users\hochs\Downloads\Disconnect+Desktop.exe
2016-09-02 13:58 - 2016-09-02 14:02 - 00000000 ____D C:\Users\hochs\Downloads\tpdhso
2016-09-02 12:12 - 2016-09-02 13:00 - 00000000 ___RD C:\Users\hochs\Downloads\Schrei.wenn.der.Tingler.kommt.1959.German.720p.BluRay.x264-iFPD
2016-09-02 12:12 - 2016-09-02 12:12 - 68821442 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part23.rar
2016-09-02 12:12 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part22.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part21.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part20.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part19.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part18.rar
2016-09-02 12:11 - 2016-09-02 12:12 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part17.rar
2016-09-02 12:11 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part16.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part15.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part14.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part13.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part12.rar
2016-09-02 12:10 - 2016-09-02 12:11 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part11.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part10.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part09.rar
2016-09-02 12:10 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part08.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part07.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part06.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part05.rar
2016-09-02 12:09 - 2016-09-02 12:10 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part03.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part04.rar
2016-09-02 12:09 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part02.rar
2016-09-02 12:08 - 2016-09-02 12:09 - 157286400 _____ C:\Users\hochs\Downloads\IPSCH72ARE.part01.rar
2016-09-02 12:05 - 2016-09-02 12:05 - 00006896 _____ C:\Users\hochs\Downloads\29e105b4b84827c1a7694d1a138117dd9c84549f.dlc
2016-09-02 10:30 - 2016-09-02 10:31 - 91468472 _____ (Adobe Systems Incorporated) C:\Users\hochs\Downloads\AcroRdrDC1501720050_de_DE.exe
2016-09-02 10:29 - 2016-09-02 10:29 - 00134646 _____ C:\Users\hochs\Downloads\Offerte P-2017 Urs Hochstrasser neu.pdf
2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira
2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-09-02 03:32 - 2016-09-02 03:32 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Lamantine
2016-09-02 03:30 - 2016-09-07 02:50 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2016-09-02 03:28 - 2016-09-02 03:29 - 30170336 _____ (Lamantine Software ) C:\Users\hochs\Downloads\StickyPassword_rev808116.exe
2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin
2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten
2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup
2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache
2016-09-01 16:16 - 2016-09-01 16:19 - 00000000 ____D C:\Users\hochs\Downloads\86updajulfg3s5d4f
2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-09-01 16:04 - 2016-09-01 17:37 - 00000000 ___HD C:\Users\hochs\Downloads\.ptmp121163
2016-09-01 15:42 - 2016-09-01 15:48 - 00000000 ____D C:\Users\hochs\Downloads\Der.Gendarm.vom.Broadway.1965.GERMAN.DL.720p.HDTV.x264-CDD - filecrypt.cc
2016-09-01 15:23 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Avira
2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-09-01 15:10 - 2016-09-01 15:11 - 225639816 _____ C:\Users\hochs\Downloads\avira_antivirus_de-de.exe
2016-09-01 14:44 - 2016-09-01 14:44 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de(1).exe
2016-09-01 14:43 - 2016-09-01 14:43 - 224665032 _____ C:\Users\hochs\Downloads\avira_internet_security_de.exe
2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-01 14:30 - 2016-09-01 14:30 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_57c81f542973f__ws.exe
2016-09-01 14:28 - 2016-09-01 14:28 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de(1).exe
2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk
2016-09-01 14:17 - 2016-09-01 14:17 - 02983904 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_registry_cleaner_de.exe
2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL
2016-09-01 14:12 - 2016-09-01 14:13 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_av_3021944647_ciukpe49j82kusl080x2_wd.exe
2016-09-01 14:09 - 2016-09-01 14:09 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_issudl_3010720132__ws.exe
2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira
2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-09-01 13:51 - 2016-09-07 17:08 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-01 13:51 - 2016-09-01 13:51 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\hochs\Downloads\avira_de_atss0_3021944647_tuea2maioyrais5w1baz_wd.exe
2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin
2016-09-01 13:14 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Kirschblueten.und.rote.Bohnen.2015.German.1080p.BluRay.x264-CONTRiBUTiON - filecrypt.cc
2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 12:45 - 2016-09-01 15:41 - 00000000 ____D C:\Users\hochs\Downloads\Schweinskopf.Al.Dente.2016.TS.MD.German.XViD-SLiMER - filecrypt.cc
2016-09-01 11:22 - 2016-09-01 11:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\QuickScan
2016-09-01 11:15 - 2016-09-01 11:16 - 80334050 _____ C:\Users\hochs\Downloads\openatv-5.3-vusolose-20160901_usb.zip
2016-09-01 08:39 - 2016-09-01 08:39 - 01065376 _____ (Google Inc.) C:\Users\hochs\Downloads\ChromeSetup.exe
2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-01 08:37 - 2016-09-01 08:37 - 00000826 _____ C:\Users\hochs\Downloads\Preferences.xml
2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 08:32 - 2016-09-01 08:32 - 00071464 _____ C:\Users\hochs\Downloads\2016_08_31-1-Kontoauszug.pdf
2016-09-01 07:19 - 2016-09-01 07:19 - 00004944 _____ C:\Users\hochs\Downloads\DISKSTATION216_20160901.dss
2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von hochs (07-09-2016 17:14:42)
Gestartet von C:\Users\hochs\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-2615813048-3284018108-3599952075-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Limited - Enabled) => C:\Users\hochs
HomeGroupUser$ (S-1-5-21-2615813048-3284018108-3599952075-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Avira Scout (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{2e5cccd9-3da2-4641-b197-6d06e92643d0}) (Version: 16.7.11.945 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{96CADA13-A19B-4270-A536-A280EA510DB0}) (Version: 1.2.3.493 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.07.11.00945 - Avira Operations GmbH & Co. KG) Hidden
BeeThink SpyDetector 2.0 (HKLM-x32\...\BeeThink SpyDetector_is1) (Version:  - BeeThink SoftWare, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
Disconnect Desktop (x32 Version: 2.0.5 - Disconnect) Hidden
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
DVBLink Viewer (HKLM-x32\...\{FE33BB16-65E4-41EA-AA5A-D3436058355D}) (Version: 6.0.0000 - DVBLogic)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.21 - Haenlein-Software)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version:  - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.89 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.12.1 - HexChat)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version:  - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version:  - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
OpenVPN 2.3.8-I601  (HKLM-x32\...\OpenVPN) (Version: 2.3.8-I601 - )
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paltalk Messenger  11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version:  - Giorgio Tani)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
SolveigMM AVI Trimmer+ Version 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version:  - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Sticky Password 8.0.8.116 (HKLM-x32\...\Sticky Password_is1) (Version: 8.0 - Lamantine Software)
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
Strumenti di correzione di Microsoft Office 2016 - Italiano (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.5.0 - Alexander Miehlke Softwareentwicklung)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version:  - )
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>  <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>  <==== ACHTUNG
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job => 

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\hochs\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html

ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.7\MinGW 5.3.0 (32-bit)\Qt 5.7 for Desktop (MinGW 5.3.0 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.7\mingw53_32\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.6\MinGW 4.9.2 (32-bit)\Qt 5.6 for Desktop (MinGW 4.9.2 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K C:\Qt\5.6\mingw49_32\bin\qtenv2.bat

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-08-24 03:38 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\4kvideodownloader_4.1.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ashampoo_winoptimizer_14_e14.00.02_sm.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\da9e.tmp:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre (1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\IDM_Pre.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 426776.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 72968.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\Nicht bestätigt 790328.crdownload:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\putty.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\puttytel.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\sdfree.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\SlimDrivers-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\traxex70.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\TVCSUTSetup_V1.0.0.2.exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\vlc-2.2.4-win32(1).exe:BDU [0]
AlternateDataStreams: C:\Users\hochs\Downloads\vlc-2.2.4-win32.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.

IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-08-28 14:02 - 2016-09-01 13:10 - 00000021 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{71BC129C-DD6F-4727-8E33-B3F72F789FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2BCDD67C-3F96-40D2-AFFB-3D4D9DF92F3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF06A1D3-2D4E-4328-B0BE-E39765116DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{454DE9C3-1D7E-400B-A792-9A6FE6AD393C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EB3A212-D803-4E22-8BC4-7058DDEEE41A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8DEAC3A1-4C3F-49E3-9654-480C27A8EDB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9B54A4BA-29F0-4D56-A69B-F6FF9815D1B9}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{B5793EA5-DBFC-4121-94ED-5B37D9317901}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{0D14957E-832B-4B7F-951A-325AC2201CFB}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{2E41912B-61BE-48DA-BEC3-A6F2C68BF9EE}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{678E119B-A233-45E6-A725-A6A33BD246DB}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{C1310BC5-F429-4A87-B7EC-1BF81C20A04C}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{69256106-0642-4C68-B603-E70390ACE657}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{AC30E9FC-FB28-422C-ACCA-7E3E7F7D175B}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [{889938CA-6E77-4AE4-8E54-7FE28D2E4CE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{58C0D146-0CFC-4BB0-9B67-BFACDE543F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{DAAD7992-B9D3-4CB9-80EA-52D898804520}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{60C076A3-7850-449E-A412-01F75CA482E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{8DA3ED20-46F5-4DA2-9DA6-8DE5201190DB}] => (Allow) LPort=1688
FirewallRules: [{3FA5C158-EB01-4D72-856C-723D882B8DF8}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [{FF620410-5524-49C5-B096-CD8632AF202E}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [TCP Query User{511025B3-0383-4480-A08C-F1CDCA5F588A}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{B2CE4AA4-3E6C-4889-9B4F-431DC70C8A99}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [TCP Query User{88F2C063-DC0A-4E23-A3B0-5812D4D955F6}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{8143A44A-CF79-4B7F-A40C-5D6B5250DB27}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{47104632-9649-476B-9B46-E0C08B74F7FD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{6890CE15-6432-4588-9536-B2BDF4ACF54A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{E5D59600-8DE6-4481-80D4-DD74592385F5}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [UDP Query User{0FFC06CE-8CD4-41A5-9FC7-4EB39B68694D}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [TCP Query User{02FADEE2-2C87-475E-B663-491838DD6E34}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{F3779F9F-F43E-4D27-BB13-A5920D03C3FF}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{CDD20C47-B894-413A-8455-185D51FA810D}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe
FirewallRules: [{1277B574-7D5C-41CF-9C14-BB5A5840FE29}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/07/2016 05:14:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:11:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:11:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:10:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:10:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/07/2016 05:09:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.


Systemfehler:
=============
Error: (09/07/2016 05:07:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Audio" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2016 05:07:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 05:07:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 05:07:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 05:07:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/07/2016 05:07:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/07/2016 05:07:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Ashampoo LiveTuner 2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 05:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 29166.11 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 28135.16 MB

==================== Laufwerke ================================

Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:28.56 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:101.48 GB) NTFS
Drive y: (Videos) (Network) (Total:3663.13 GB) (Free:3009.36 GB) NTFS
Drive z: (VIDEOS) (Network) (Total:2678.31 GB) (Free:2089.7 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         

Alt 08.09.2016, 13:59   #10
Deathkid535
/// Malwareteam
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Hi,

ich bräuchte das Log von MBAM: Malwarebytes Anti-Malware Logfile finden - Anleitungen

Und FRST bitte mit Admin-Rechten wiederholen.

Alt 08.09.2016, 19:57   #11
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Log File Malwarebytes



Hallo Dennis

Hier noch das Logfile von Malwarebytes :

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.09.2016
Suchlaufzeit: 20:39
Protokolldatei: malwarebytes-log-08-09-2016.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.08.08
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: admin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 429474
Abgelaufene Zeit: 9 Min., 5 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 08.09.2016, 20:26   #12
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Log von FRST



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von admin (Administrator) auf DESKTOP-GBIJB17 (08-09-2016 21:18:15)
Gestartet von D:\FRST
Geladene Profile: hochs & admin (Verfügbare Profile: hochs & admin & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
(CounterPath) C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Yahoo! Inc) C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(The CefSharp Authors) C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2016-06-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [586352 2016-08-21] ()
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4657312 2016-08-21] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18520 2016-08-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\admin\AppData\Local\Temp\DeleteOnReboot.bat <===== ACHTUNG
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-04-21] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe [4535192 2016-06-09] ()
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Bria 4] => C:\Program Files (x86)\CounterPath\Bria 4\Bria4.exe [4734344 2016-07-11] (CounterPath)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\hochs\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-18] (Yahoo!, Inc.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Yahoo Messenger] => C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\Yahoo Messenger.exe [61315088 2016-08-18] (Yahoo! Inc)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\MountPoints2: {3aefeae5-1f0f-11e6-9b9c-806e6f6e6963} - "E:\pcwstart.exe" 
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2016-08-10] (Lamantine Software a.s.)
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\RunOnce: [gi1060840868] => "C:\Users\admin\AppData\Local\Temp\gi34UBJM.exe" /resume:"C:\Users\admin\AppData\Local\Temp\2C34U6OB" /exename:"C:\Users\hochs\Downloads\SolveigMM Video Splitter 5.2.1512.16 Business Edition & Portabl (Der Dateneintrag hat 60 mehr Zeichen). <===== ACHTUNG
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C4].txt
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  Keine Datei
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  Keine Datei
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  Keine Datei
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} =>  Keine Datei
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} =>  Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-09-04]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 7.0.lnk [2016-09-01]
ShortcutTarget: TraXEx 7.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-08-14] ()
Startup: C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2016-08-30]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{312630d7-a3ea-4a35-adc2-e36214d724f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81c71945-0989-48f6-948e-0f58b3f79291}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9758ba7f-718c-4803-9b3d-86710972f7a9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fd990bb7-d9d2-4a29-aa70-f3b31832c661}: [DhcpNameServer] 10.143.14.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Kein Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll [2006-02-26] ()
Toolbar: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-26] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-05-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Firefox\Extensions: [{76dccd48-a276-11e5-8934-cd441d5d46b0}] - C:\Users\hochs\AppData\Roaming\Lamantine\Sticky Password\spAutofillMoz => nicht gefunden
FF HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => nicht gefunden

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1277688 2016-08-21] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2016-08-25] ()
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-08-23] (Avira Operations GmbH & Co. KG)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2016-06-20] (Sirrix AG) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disconnect Desktop Updater; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-09-23] (Disconnect)
S3 disconnect-openvpn; C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\nssm.exe [338944 2014-08-31] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1516920 2016-08-21] ()
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [27632 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [116368 2016-04-16] (Wondershare)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-09] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2016-08-25] (Acronis International GmbH)
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner64.sys [14320 2014-03-20] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 prl_virtual_hid; C:\Windows\System32\drivers\prl_virtual_hid.sys [19688 2015-09-18] ()
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2016-06-09] (Audials AG)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-08-15] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2016-08-25] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [212320 2016-08-25] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [687968 2016-08-25] (Acronis International GmbH)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [125568 2015-10-20] (High Criteria inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182480 2016-04-29] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2016-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)
U3 DfSdkS; kein ImagePath
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-08 21:04 - 2016-09-08 21:04 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-09-08 21:04 - 2016-09-08 21:04 - 00000000 ____D C:\Program Files\Unlocker
2016-09-08 20:38 - 2016-09-08 20:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-08 20:37 - 2016-09-08 20:37 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-08 20:37 - 2016-09-08 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-08 20:37 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-08 20:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-08 20:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 17:12 - 2016-09-07 17:12 - 02397696 _____ (Farbar) C:\Users\hochs\Downloads\FRST64.exe
2016-09-04 14:06 - 2016-09-04 14:06 - 00000000 ____D C:\Users\hochs\Documents\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:24 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia
2016-09-04 14:05 - 2016-09-04 14:05 - 00001417 _____ C:\Users\Public\Desktop\SolveigMM AVI Trimmer+.lnk
2016-09-04 13:57 - 2016-09-04 13:57 - 00000000 ____D C:\Users\hochs\AppData\Local\IsolatedStorage
2016-09-04 13:56 - 2016-09-04 13:56 - 00000000 ____D C:\Users\hochs\Documents\Haenlein-Software
2016-09-04 13:55 - 2016-09-04 13:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Studio HD 3
2016-09-04 13:54 - 2016-09-04 13:55 - 00001180 _____ C:\Users\admin\Desktop\DVR-Studio HD 3.lnk
2016-09-04 13:54 - 2016-09-04 13:55 - 00000000 ____D C:\Program Files (x86)\DVR-Studio HD 3
2016-09-04 13:09 - 2016-09-04 13:09 - 00002387 _____ C:\Users\admin\Desktop\MediathekView - CHIP Installer.lnk
2016-09-04 12:33 - 2016-09-04 12:33 - 00000000 ____D C:\Users\admin\AppData\Local\Free Download Manager
2016-09-04 12:07 - 2016-09-04 12:08 - 00000000 ____D C:\Users\hochs\MediathekView
2016-09-04 11:58 - 2016-08-08 15:51 - 03065285 _____ C:\Users\admin\Downloads\MediathekView.jar
2016-09-04 11:58 - 2016-08-08 15:51 - 00057344 _____ C:\Users\admin\Downloads\MediathekView__Start.exe
2016-09-04 11:58 - 2016-08-08 15:51 - 00001470 _____ C:\Users\admin\Downloads\Hilfe___bitte_lesen.txt
2016-09-04 11:58 - 2016-08-08 15:51 - 00000364 _____ C:\Users\admin\Downloads\MediathekView__Mac_Start.command
2016-09-04 11:58 - 2016-08-08 15:51 - 00000325 _____ C:\Users\admin\Downloads\MediathekView__Linux.sh
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Windows
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Portable
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\lib
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Info
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Icons
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Copyright
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\bin
2016-09-04 11:58 - 2016-08-08 15:51 - 00000000 ____D C:\Users\admin\Downloads\Anleitung
2016-09-04 11:54 - 2016-09-04 11:54 - 39389109 _____ C:\Users\admin\Downloads\MediathekView_12.zip
2016-09-04 11:26 - 2016-09-04 11:26 - 00001124 _____ C:\Users\Public\Desktop\BeeThink SpyDetector 2.0.lnk
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink SpyDetector 2.0
2016-09-04 11:26 - 2016-09-04 11:26 - 00000000 ____D C:\Program Files (x86)\BeeThink SpyDetector_2.0
2016-09-04 06:12 - 2016-09-04 06:12 - 00002065 _____ C:\Users\admin\Desktop\Paltalk Messenger.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00001186 _____ C:\Users\admin\Desktop\Upgrade to Paltalk Extreme.lnk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Paltalk
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-09-04 06:12 - 2016-09-04 06:12 - 00000000 ____D C:\Program Files (x86)\Paltalk Messenger
2016-09-03 11:00 - 2016-09-04 14:26 - 00372872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-03 09:22 - 2016-09-03 09:24 - 00312694 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_09.22.54_log.txt
2016-09-02 18:50 - 2016-09-02 18:50 - 00000921 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000873 _____ C:\Users\admin\Desktop\Start Tor Browser.lnk
2016-09-02 18:50 - 2016-09-02 18:50 - 00000000 ____D C:\Users\admin\Desktop\Tor Browser
2016-09-02 18:11 - 2016-09-02 18:37 - 00000000 ____D C:\Users\admin\AppData\Local\DisconnectDesktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00003764 _____ C:\WINDOWS\System32\Tasks\Disconnect Desktop Updater
2016-09-02 18:11 - 2016-09-02 18:11 - 00001258 _____ C:\Users\admin\Desktop\Disconnect Desktop.lnk
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disconnect Desktop
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Disconnect
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\Caphyon
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-09-02 18:11 - 2016-09-02 18:11 - 00000000 ____D C:\Program Files\TAP-Windows
2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Avira
2016-09-02 09:15 - 2016-09-02 09:15 - 00002398 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ___RD C:\Users\admin\OneDrive
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\SAMSUNG
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Wondershare
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\CyberLink
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\Clover
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\BMExplorer
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\.swt
2016-09-02 09:15 - 2016-09-02 09:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 09:14 - 2016-09-02 09:16 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-09-02 09:14 - 2016-09-02 09:15 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\TileDataLayer
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Publishers
2016-09-02 09:14 - 2016-09-02 09:14 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2016-09-02 03:30 - 2016-09-08 06:43 - 00000000 ___SD C:\Users\hochs\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00001176 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ___SD C:\Users\admin\Documents\Sticky Passwords
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2016-09-02 03:29 - 2016-09-02 03:29 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2016-09-02 03:25 - 2016-09-02 09:19 - 00000000 ____D C:\Users\admin
2016-09-02 03:25 - 2016-09-02 03:25 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Vorlagen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Startmenü
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Netzwerkumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Lokale Einstellungen
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Eigene Dateien
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Druckumgebung
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Videos
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Musik
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Documents\Eigene Bilder
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Verlauf
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\AppData\Local\Anwendungsdaten
2016-09-02 03:25 - 2016-09-02 03:25 - 00000000 _SHDL C:\Users\admin\Anwendungsdaten
2016-09-01 18:18 - 2016-09-01 18:18 - 00000000 ____D C:\Users\hochs\AppData\Local\AviraSpeedup
2016-09-01 18:16 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2016-09-01 18:14 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-01 16:24 - 2016-09-01 16:24 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 16:24 - 2016-09-01 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Users\hochs\AppData\Local\Microsoft Help
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 16:20 - 2016-09-01 16:20 - 00000000 __RHD C:\MSOCache
2016-09-01 16:11 - 2016-09-01 16:11 - 00002429 _____ C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00002421 _____ C:\Users\hochs\Desktop\Avira Scout.lnk
2016-09-01 16:11 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Package Cache
2016-09-01 16:09 - 2016-09-01 17:09 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-09-01 15:23 - 2016-09-01 15:23 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-09-01 15:21 - 2016-08-18 15:52 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-09-01 15:21 - 2016-08-18 15:52 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-09-01 14:38 - 2016-09-01 14:38 - 00002162 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-01 14:19 - 2016-09-01 14:20 - 00001370 _____ C:\Users\hochs\Desktop\shutdown.bat.lnk
2016-09-01 14:17 - 2016-09-01 14:17 - 00000289 _____ C:\Users\hochs\Desktop\Wie installiere ich erneut mein Avira Antivirus Produkt - Avira Answers.URL
2016-09-01 14:03 - 2016-09-01 16:11 - 00000000 ____D C:\Users\hochs\AppData\Local\Avira
2016-09-01 13:53 - 2016-09-01 13:53 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-01 13:53 - 2016-09-01 13:53 - 00001124 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-09-01 13:51 - 2016-09-08 21:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-09-01 13:51 - 2016-09-06 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\ProgramData\Avira
2016-09-01 13:51 - 2016-09-01 15:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-01 13:51 - 2016-09-01 13:51 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-09-01 13:51 - 2016-09-01 13:51 - 00001298 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-01 13:51 - 2016-09-01 13:51 - 00001227 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-09-01 13:40 - 2016-09-01 13:40 - 00028335 _____ C:\ProgramData\1472729999.bdinstall.bin
2016-09-01 13:12 - 2016-09-01 13:12 - 00238909 _____ C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 08:39 - 2016-09-01 08:39 - 00002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-01 08:39 - 2016-09-01 08:39 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-01 08:35 - 2016-09-02 10:31 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-01 08:35 - 2016-09-02 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-01 08:35 - 2016-09-01 08:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-01 02:29 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 02:29 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 02:29 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 02:29 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 02:29 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 02:29 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 02:29 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 02:29 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 02:29 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 02:29 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 02:29 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 02:29 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 02:29 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 02:29 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 02:29 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 02:29 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 02:29 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 02:29 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 02:29 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 02:29 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 02:29 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 02:29 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 02:29 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 02:29 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 02:29 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 02:29 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 02:29 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 02:29 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 02:29 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 02:29 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 02:29 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 02:29 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 02:29 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 02:29 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-01 02:29 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 02:29 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-01 02:29 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 02:29 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 02:29 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 02:29 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 02:29 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 02:29 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 02:29 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 02:29 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 02:29 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 02:29 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 02:29 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 02:29 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 02:29 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 02:29 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 02:29 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 02:29 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 02:29 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 02:29 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 02:29 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 02:29 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 02:29 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 02:29 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 02:29 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 02:29 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 02:29 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 02:29 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 02:29 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 02:29 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 02:29 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 02:29 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 02:29 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 02:29 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-01 02:09 - 2016-09-01 02:08 - 00000390 _____ C:\Users\hochs\Desktop\product-file-76929a54-3505-4045-9b2f-a770f169c5dc-20160901-0208.bin
2016-09-01 01:03 - 2016-09-01 01:03 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-01 01:03 - 2016-09-01 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-01 01:00 - 2016-09-01 01:01 - 00001401 _____ C:\Users\Public\Desktop\DVBLink Viewer.lnk
2016-09-01 01:00 - 2016-09-01 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBLink
2016-09-01 01:00 - 2016-09-01 01:00 - 00000000 ____D C:\Program Files (x86)\DVBLogic
2016-09-01 00:26 - 2016-09-01 00:26 - 00002081 _____ C:\Users\Public\Desktop\TraXEx-Schredder.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002059 _____ C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00002051 _____ C:\Users\Public\Desktop\TraXEx 7.0.lnk
2016-09-01 00:26 - 2016-09-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 7.0
2016-08-31 06:10 - 2016-08-31 06:11 - 93009920 _____ C:\Users\hochs\Desktop\PlexMediaServer-1.0.3.2461-35f0caa-x86.spk
2016-08-31 05:48 - 2016-08-31 05:48 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-08-30 18:28 - 2016-08-30 18:29 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStation
2016-08-30 18:28 - 2016-08-30 18:28 - 00001368 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk
2016-08-30 18:25 - 2016-08-30 18:27 - 00000000 ____D C:\Users\hochs\AppData\Local\CloudStationBackup
2016-08-30 18:25 - 2016-08-30 18:25 - 00001410 _____ C:\Users\Public\Desktop\Synology Cloud Station Backup.lnk
2016-08-30 18:25 - 2016-08-30 18:25 - 00000042 ____H C:\Users\hochs\.uuid
2016-08-30 13:53 - 2016-08-30 13:53 - 00002065 _____ C:\Users\hochs\Desktop\Paltalk Messenger.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00001186 _____ C:\Users\hochs\Desktop\Upgrade to Paltalk Extreme.lnk
2016-08-30 13:53 - 2016-08-30 13:53 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2016-08-30 09:18 - 2016-08-30 09:19 - 00313742 _____ C:\TDSSKiller.3.1.0.11_30.08.2016_09.18.51_log.txt
2016-08-30 09:18 - 2016-08-30 09:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\hochs\Desktop\tdsskiller.exe
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2016-08-30 02:57 - 2016-08-30 18:28 - 00000000 ____D C:\Program Files (x86)\Synology
2016-08-30 02:57 - 2016-08-30 02:57 - 00001248 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2016-08-30 02:57 - 2016-08-30 02:57 - 00000000 ____D C:\ProgramData\Synology
2016-08-29 17:14 - 2016-08-29 17:14 - 00000000 ____D C:\Users\hochs\Desktop\Unpacked
2016-08-29 15:58 - 2016-08-29 16:06 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2016-08-29 15:58 - 2016-08-29 15:58 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2016-08-29 15:58 - 2016-08-29 15:58 - 00001189 _____ C:\Users\hochs\Desktop\KeePass 2.lnk
2016-08-28 19:03 - 2016-08-28 19:03 - 00000000 ____D C:\Users\hochs\AppData\Local\enchant
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2016-08-28 18:11 - 2016-08-28 18:11 - 00000000 ____D C:\Program Files\HexChat
2016-08-28 14:02 - 2016-08-31 07:27 - 00519917 _____ C:\WINDOWS\system32\Drivers\etc\hosts.hitmanpro
2016-08-28 13:48 - 2016-08-28 13:48 - 00490651 _____ C:\Users\hochs\AppData\Local\census.cache
2016-08-28 13:48 - 2016-08-28 13:48 - 00187693 _____ C:\Users\hochs\AppData\Local\ars.cache
2016-08-28 13:41 - 2016-08-28 13:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Macromedia
2016-08-28 13:29 - 2016-08-28 13:29 - 00000036 _____ C:\Users\hochs\AppData\Local\housecall.guid.cache
2016-08-28 12:08 - 2016-08-28 12:08 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-28 11:05 - 2016-09-01 13:36 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-08-28 10:48 - 2016-09-08 21:18 - 00000000 ____D C:\FRST
2016-08-28 09:58 - 2016-08-28 09:58 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00001335 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2016-08-28 09:58 - 2016-08-28 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-08-28 09:57 - 2016-08-28 09:57 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-08-28 09:55 - 2016-08-28 09:55 - 00000000 ____D C:\Program Files\Oracle
2016-08-28 09:41 - 2016-08-28 09:41 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-28 09:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-28 09:39 - 2016-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-28 09:39 - 2016-09-01 15:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-28 09:39 - 2016-08-28 09:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-28 03:09 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-28 03:09 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-28 03:09 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-28 03:09 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-28 03:09 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-28 03:09 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-28 03:09 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-28 03:09 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-28 03:09 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-28 03:09 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-28 03:09 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-28 03:09 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-28 03:09 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-28 03:09 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-28 03:09 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-28 03:09 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-28 03:09 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-28 03:09 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-28 03:09 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-28 03:09 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-28 03:09 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-28 03:09 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-28 03:09 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-28 03:09 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-28 03:09 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-28 03:09 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-28 03:09 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-28 03:09 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-28 03:09 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-28 03:08 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-28 03:08 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-28 03:08 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-28 03:08 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-28 03:08 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-28 03:08 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-28 03:08 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-28 03:08 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-28 03:08 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-28 03:08 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-28 03:08 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-28 03:08 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-28 03:08 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-28 03:08 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-28 03:08 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-28 03:08 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-28 03:08 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-28 03:08 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-28 03:08 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-28 03:08 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-28 03:08 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-28 03:08 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-28 03:08 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-28 03:08 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-28 03:08 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-28 03:08 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-28 03:08 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-28 03:08 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-28 03:08 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-28 03:08 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-28 03:08 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-28 03:08 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-28 03:08 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-28 03:08 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-28 03:08 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-28 03:08 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-28 03:08 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-28 03:08 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-28 03:08 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-28 03:08 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-28 03:08 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-28 03:08 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-28 03:08 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-28 03:08 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-28 03:08 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-28 03:08 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-28 03:08 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-28 03:08 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-28 03:08 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-28 03:08 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-28 03:08 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-28 03:08 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-28 03:08 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-28 03:08 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-28 03:08 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-28 03:08 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-28 01:41 - 2016-09-01 00:22 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-08-28 01:41 - 2016-08-28 01:44 - 00001093 _____ C:\Users\hochs\Desktop\Internet Download Manager.lnk
2016-08-28 01:41 - 2016-08-28 01:41 - 00000000 ____D C:\ProgramData\IDM
2016-08-28 01:15 - 2016-09-04 12:32 - 00000000 ____D C:\Users\hochs\AppData\Local\Free Download Manager
2016-08-27 20:37 - 2016-08-27 20:37 - 00001918 _____ C:\Users\Public\Desktop\Star Downloader.lnk
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Downloader
2016-08-27 20:37 - 2016-08-27 20:37 - 00000000 ____D C:\Program Files (x86)\Star Downloader
2016-08-27 20:11 - 2016-08-27 20:11 - 00001348 _____ C:\Users\hochs\Desktop\4K Video Downloader.lnk
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Users\hochs\AppData\Local\4kdownload.com
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-08-27 20:11 - 2016-08-27 20:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-08-27 09:14 - 2016-08-27 09:14 - 00000838 _____ C:\Users\hochs\Documents\psr7.lic
2016-08-27 09:13 - 2016-08-27 09:55 - 00548864 _____ C:\Users\hochs\Documents\Passwort.ps7
2016-08-27 09:07 - 2016-08-27 09:07 - 00001214 _____ C:\Users\Public\Desktop\Password Safe 7.lnk
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 7
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\ProgramData\InstallMate
2016-08-27 09:07 - 2016-08-27 09:07 - 00000000 ____D C:\Program Files (x86)\Password Safe and Repository 7
2016-08-27 08:08 - 2016-08-27 08:08 - 00001542 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO14).lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00001314 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk
2016-08-27 08:08 - 2016-08-27 08:08 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-08-27 08:08 - 2016-08-27 08:08 - 00000000 ____D C:\ProgramData\Ashampoo
2016-08-26 16:31 - 2016-08-26 16:31 - 00001158 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:31 - 2016-08-26 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-08-26 16:30 - 2016-08-26 16:31 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-08-26 16:03 - 2016-09-08 20:37 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\LastPass
2016-08-25 18:26 - 2016-08-25 18:26 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2355.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2263.sys
2016-08-25 18:26 - 2016-08-25 18:26 - 00000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2016-08-24 04:24 - 2016-08-24 04:24 - 00142170 _____ C:\Users\hochs\Documents\Invoice_9636875_3300331493042016.pdf
2016-08-24 04:23 - 2016-08-24 04:23 - 00071918 _____ C:\Users\hochs\Documents\Details_9636875_3300765375082016_10000149531615.pdf
2016-08-24 04:17 - 2016-08-24 04:27 - 204759040 _____ C:\Users\hochs\Documents\DSM_DS214+_8451.pat
2016-08-23 18:31 - 2016-08-23 18:31 - 00000000 ____D C:\Users\hochs\AppData\Local\Deployment
2016-08-22 19:57 - 2016-08-22 19:57 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-08-22 19:57 - 2016-08-22 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Snort
2016-08-22 19:30 - 2016-08-22 19:30 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-21 04:04 - 2016-08-21 04:04 - 00000000 ____D C:\ProgramData\Wondershare
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashRpt
2016-08-21 04:03 - 2016-08-21 04:03 - 00000000 ____D C:\Users\hochs\AppData\Local\BMExplorer
2016-08-20 15:12 - 2016-08-20 15:12 - 00000000 ____D C:\Users\hochs\AppData\Local\PeerDistRepub
2016-08-20 14:01 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2016-08-20 10:41 - 2016-08-20 10:41 - 00000000 ____D C:\Users\hochs\AppData\Local\Remove_Empty_Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00001179 _____ C:\Users\Public\Desktop\Remove Empty Directories.lnk
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-08-20 10:36 - 2016-08-20 10:36 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2016-08-19 22:36 - 2016-08-20 07:39 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:36 - 2016-08-20 07:39 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 22:36 - 2016-08-19 22:41 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 22:36 - 2016-08-19 22:41 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-18 18:24 - 2016-09-08 21:07 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Yahoo Messenger
2016-08-18 18:24 - 2016-08-18 18:24 - 00002381 _____ C:\Users\hochs\Desktop\Yahoo Messenger.lnk
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Inc
2016-08-18 18:24 - 2016-08-18 18:24 - 00000000 ____D C:\Users\hochs\AppData\Local\yahoomessenger
2016-08-18 00:10 - 2016-08-18 00:10 - 00002449 ____R C:\WINDOWS\RouterControl_Uninstall.in
2016-08-18 00:10 - 2009-05-19 13:49 - 00330344 _____ (Mirko Böer) C:\WINDOWS\RCoUn.EXE
2016-08-17 18:30 - 2016-09-01 00:26 - 00000000 ____D C:\Program Files (x86)\TraXEx
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-17 00:17 - 2016-08-17 00:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-15 11:40 - 2016-08-15 11:40 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2016-08-15 03:42 - 2016-08-15 03:43 - 00000000 ____D C:\ProgramData\F-Secure
2016-08-15 03:42 - 2016-08-15 03:42 - 00000000 ____D C:\Users\hochs\AppData\Local\F-Secure
2016-08-14 16:05 - 2016-08-14 16:05 - 08981510 _____ C:\Users\hochs\Documents\DESKTOP-GBIJB17.arn
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\App1755 Conf_DB.ind
2016-08-14 15:56 - 2016-08-14 15:56 - 00000022 ___SH C:\Users\hochs\AppData\Roaming\0BF913075E33065.xrd
2016-08-14 15:37 - 2016-08-30 02:39 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-14 15:37 - 2016-08-14 15:49 - 00000000 ____D C:\ProgramData\WindSolutions
2016-08-14 15:18 - 2016-08-14 15:18 - 00001428 _____ C:\Users\Public\Desktop\Wondershare TunesGo Retro.lnk
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\Users\hochs\AppData\Local\Wondershare
2016-08-14 15:18 - 2016-08-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-08-14 15:17 - 2016-08-14 15:17 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-08-14 14:29 - 2016-08-14 14:29 - 00002266 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-14 14:29 - 2016-08-14 14:29 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-08-14 14:22 - 2016-08-14 14:23 - 00000000 ____D C:\ProgramData\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00001408 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-08-14 13:35 - 2016-08-14 13:35 - 00000000 ____D C:\Users\hochs\Documents\Benutzerdefinierte Office-Vorlagen
2016-08-14 12:55 - 2016-08-14 12:55 - 00000000 ____D C:\Users\hochs\AppData\Local\CrashReportClient
2016-08-14 12:21 - 2016-08-14 12:21 - 00000000 ____D C:\Program Files\Epic Games
2016-08-14 12:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-14 12:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-14 12:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-14 12:18 - 2016-08-14 12:20 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:20 - 00002605 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-08-14 12:18 - 2016-08-14 12:19 - 00000000 ____D C:\ProgramData\Epic
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\UnrealEngine
2016-08-14 12:18 - 2016-08-14 12:18 - 00000000 ____D C:\Users\hochs\AppData\Local\EpicGamesLauncher
2016-08-14 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files\CMAK
2016-08-13 23:41 - 2016-08-13 23:41 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-13 10:03 - 2016-08-13 10:03 - 00000000 ___HD C:\$Windows.~WS
2016-08-12 22:02 - 2016-08-12 22:02 - 00001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00001949 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-08-12 21:20 - 2016-08-12 21:20 - 00000000 ____D C:\Users\hochs\AppData\Local\Disc_Soft_Ltd
2016-08-10 05:51 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 05:51 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 05:51 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 05:51 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 05:51 - 2016-07-22 03:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 05:51 - 2016-07-22 03:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 05:51 - 2016-07-22 03:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 05:51 - 2016-07-22 03:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 05:51 - 2016-07-22 02:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 05:51 - 2016-07-22 02:31 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-09 20:38 - 2016-08-09 20:38 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-08-09 20:38 - 2016-08-09 20:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-08-09 20:09 - 2016-08-09 20:09 - 00002315 _____ C:\Users\hochs\Desktop\RT 7 Lite (64-Bit).lnk
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\WINDOWS\system32\RT 7 Lite
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
2016-08-09 20:09 - 2016-08-09 20:09 - 00000000 ____D C:\Program Files\Rockers Team

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-08 21:12 - 2016-07-17 00:51 - 02177114 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-08 21:12 - 2016-07-17 00:51 - 00557574 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-08 21:12 - 2016-05-20 20:58 - 04552306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-08 21:07 - 2016-05-20 21:29 - 00000000 ___RD C:\Users\hochs\iCloudDrive
2016-09-08 21:06 - 2016-08-07 14:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-08 21:06 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-08 21:05 - 2016-06-23 07:03 - 00000000 ____D C:\Users\hochs\Documents\Outlook-Dateien
2016-09-08 20:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-08 20:37 - 2016-06-11 01:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-08 06:41 - 2016-08-07 14:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-07 18:40 - 2016-05-20 21:32 - 00000000 ____D C:\Users\hochs\AppData\Local\JDownloader 2.0
2016-09-07 17:06 - 2016-08-08 17:15 - 00000000 ____D C:\AdwCleaner
2016-09-07 17:06 - 2016-06-03 03:46 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-05 18:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-04 14:26 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-04 14:26 - 2016-05-20 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-04 14:25 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-04 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-04 13:54 - 2016-05-21 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-04 13:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-04 12:07 - 2016-08-07 14:19 - 00000000 ____D C:\Users\hochs
2016-09-04 11:59 - 2016-07-24 16:54 - 00000000 ____D C:\Users\hochs\.mediathek3
2016-09-04 11:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-04 11:38 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Packages
2016-09-04 05:15 - 2016-07-24 21:14 - 00000000 ____D C:\Users\hochs\AppData\Local\Glance
2016-09-02 13:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-02 09:15 - 2016-05-31 18:39 - 00000000 ____D C:\ProgramData\Atheros
2016-09-02 03:24 - 2016-05-22 18:12 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job
2016-09-01 18:18 - 2016-08-07 14:25 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhochs
2016-09-01 16:26 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-01 16:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-01 16:24 - 2016-05-20 21:41 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-01 16:24 - 2016-05-20 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-01 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-01 16:23 - 2016-05-20 21:41 - 00000167 _____ C:\WINDOWS\win.ini
2016-09-01 14:28 - 2016-06-11 05:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-01 13:39 - 2016-06-22 12:03 - 00000000 ____D C:\Program Files\PeerBlock
2016-09-01 13:35 - 2016-08-07 09:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-01 13:11 - 2016-05-20 21:27 - 00075803 _____ C:\bdlog.txt
2016-09-01 10:18 - 2016-08-07 09:09 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-01 10:18 - 2016-08-07 09:09 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-01 08:40 - 2016-05-21 05:50 - 00000000 ____D C:\Users\hochs\AppData\LocalLow\Adobe
2016-09-01 08:40 - 2016-05-21 05:48 - 00000000 ____D C:\Users\hochs\AppData\Local\Adobe
2016-09-01 08:39 - 2016-05-20 20:55 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-01 02:26 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 02:26 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 02:26 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 02:26 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 02:26 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-01 01:03 - 2016-05-21 06:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-09-01 00:30 - 2016-07-16 08:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2016-08-31 17:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-31 06:34 - 2016-05-29 18:43 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00001161 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-08-31 06:34 - 2016-05-29 18:43 - 00000000 ____D C:\Program Files (x86)\WinSCP
2016-08-30 02:29 - 2016-05-21 05:47 - 00000000 ____D C:\ProgramData\Adobe
2016-08-28 14:02 - 2016-05-21 05:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-27 08:08 - 2016-05-29 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-27 08:08 - 2016-05-29 19:27 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-08-27 04:28 - 2016-07-30 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-26 16:05 - 2016-07-30 11:57 - 00000000 ____D C:\Users\hochs\AppData\Local\Mozilla
2016-08-26 15:57 - 2016-07-30 11:57 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-26 15:57 - 2016-07-30 11:57 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 18:39 - 2016-05-20 21:00 - 00000000 ____D C:\ProgramData\Acronis
2016-08-25 18:26 - 2016-05-20 21:01 - 01267544 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00687968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00375136 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00368480 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00331104 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00212320 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00181088 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-08-25 18:26 - 2016-05-20 21:01 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-08-25 18:26 - 2016-05-20 21:01 - 00001285 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-08-25 18:22 - 2016-05-20 21:26 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple
2016-08-24 03:38 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 18:31 - 2016-05-28 10:47 - 00000000 ____D C:\Users\hochs\AppData\Local\Apps\2.0
2016-08-22 19:57 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\Google
2016-08-21 16:04 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Apple Computer
2016-08-21 04:03 - 2016-05-20 21:27 - 00000000 ____D C:\Users\hochs\AppData\Local\Apple Computer
2016-08-20 18:43 - 2016-05-27 07:02 - 00001390 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00001329 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-08-20 18:43 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-08-20 16:20 - 2016-05-20 20:55 - 00000000 ____D C:\Users\hochs\AppData\Local\MicrosoftEdge
2016-08-20 10:41 - 2016-08-06 09:27 - 00000000 ____D C:\xampp2
2016-08-20 10:41 - 2016-08-06 09:16 - 00000000 ____D C:\xampp
2016-08-20 10:40 - 2016-07-15 20:16 - 00000000 ____D C:\Users\hochs\AppData\Local\PrivaZer
2016-08-20 10:37 - 2016-08-06 08:57 - 00000000 ____D C:\Users\hochs\.mythtv
2016-08-20 10:37 - 2016-05-20 20:53 - 00000000 ____D C:\Users\hochs\AppData\Local\Comms
2016-08-20 07:37 - 2016-08-06 09:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-18 18:26 - 2016-08-06 11:42 - 00000000 ____D C:\Users\hochs\AppData\Local\SquirrelTemp
2016-08-17 01:11 - 2016-08-07 15:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-15 04:20 - 2016-07-09 04:00 - 00002126 _____ C:\Users\hochs\Desktop\cnlabSpeedTest.lnk
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG
2016-08-15 04:20 - 2016-07-09 04:00 - 00000000 ____D C:\Users\hochs\AppData\Local\cnlabSpeedTest
2016-08-14 12:18 - 2016-07-31 00:49 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-08-12 23:17 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\.VirtualBox
2016-08-12 23:00 - 2016-05-21 10:19 - 00000000 ____D C:\Users\hochs\VirtualBox VMs
2016-08-09 20:48 - 2016-08-07 14:26 - 00002563 _____ C:\WINDOWS\diagwrn.xml
2016-08-09 20:48 - 2016-08-07 14:26 - 00001908 _____ C:\WINDOWS\diagerr.xml

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-09-01 13:12 - 2016-09-01 13:12 - 0238909 _____ () C:\ProgramData\1472728277.bdinstall.bin
2016-09-01 13:40 - 2016-09-01 13:40 - 0028335 _____ () C:\ProgramData\1472729999.bdinstall.bin
2016-05-21 06:09 - 2016-05-21 06:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003439 _____ () C:\ProgramData\cfGH0330.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002297 _____ () C:\ProgramData\cfSB1580.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1590.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1600.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002595 _____ () C:\ProgramData\cfSB1610.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0002244 _____ () C:\ProgramData\cfSB1700.ini
2016-01-26 00:34 - 2016-01-26 00:34 - 0003582 _____ () C:\ProgramData\cfSB1710.ini
2016-08-07 14:18 - 2016-08-07 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-26 00:34 - 2016-01-26 00:34 - 0057587 _____ () C:\ProgramData\SBXH7.cfg

Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
C:\Users\hochs\AppData\Local\Temp\avgnt.exe
C:\Users\hochs\AppData\Local\Temp\kernel32.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole1796711872680176794.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole1797863368897694260.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole2240034186095844922.dll
C:\Users\hochs\AppData\Local\Temp\proxy_vole7998053034528165035.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-07 18:44

==================== Ende von FRST.txt ============================
         
Vielen Dank für alles.

Gruss
powerug

Alt 08.09.2016, 20:37   #13
powerzug
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Log von Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von admin (08-09-2016 21:18:36)
Gestartet von D:\FRST
Windows 10 Pro Version 1607 (X64) (2016-08-07 12:29:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-2615813048-3284018108-3599952075-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2615813048-3284018108-3599952075-500 - Administrator - Disabled) => C:\Users\Administrator
BitBox (S-1-5-21-2615813048-3284018108-3599952075-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2615813048-3284018108-3599952075-503 - Limited - Disabled)
Gast (S-1-5-21-2615813048-3284018108-3599952075-501 - Limited - Disabled)
hochs (S-1-5-21-2615813048-3284018108-3599952075-1001 - Limited - Enabled) => C:\Users\hochs
HomeGroupUser$ (S-1-5-21-2615813048-3284018108-3599952075-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
Acronis True Image (HKLM-x32\...\{1D97407D-1C0C-4749-8A57-A57C17C71D45}Visible) (Version: 20.0.5534 - Acronis)
Acronis True Image (x32 Version: 20.0.5534 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.02 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{1FB97FD3-587A-41CC-BDE2-1651FDE7008F}) (Version: 14.1.4900.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Avira Scout (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{2e5cccd9-3da2-4641-b197-6d06e92643d0}) (Version: 16.7.11.945 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{96CADA13-A19B-4270-A536-A280EA510DB0}) (Version: 1.2.3.493 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.07.11.00945 - Avira Operations GmbH & Co. KG) Hidden
BeeThink SpyDetector 2.0 (HKLM-x32\...\BeeThink SpyDetector_is1) (Version:  - BeeThink SoftWare, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bria 4 (HKLM-x32\...\{446E2A79-E395-4FB2-98FE-B39A42153EF0}) (Version: 45.8.1133 - CounterPath Corporation)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.3.2-r211 - Sirrix AG)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
cnlabSpeedTest (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{fxApplication}}_is1) (Version: 1.4.0 - cnlab AG)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1713.60 - CyberLink Corp.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Design & Print (HKLM-x32\...\Design & Print 3.0.2) (Version: 3.0.2 - Avery Zweckform)
Disconnect Desktop (HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\...\Disconnect Desktop 2.0.5) (Version: 2.0.5 - Disconnect)
Disconnect Desktop (x32 Version: 2.0.5 - Disconnect) Hidden
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
DVBLink Viewer (HKLM-x32\...\{FE33BB16-65E4-41EA-AA5A-D3436058355D}) (Version: 6.0.0000 - DVBLogic)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.21 - Haenlein-Software)
ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.)
EMDB 2.56 (HKLM-x32\...\EMDB_is1) (Version:  - Wicked & Wild Inc.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.2.3 - Telerik)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.26.721 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.89 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.12.1 - HexChat)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPTV Playlist Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\b5c1fe538a4271cb) (Version: 1.2.0.0 - Jan Sušnik)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.10.1 - Recisio)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Kodi (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\Kodi) (Version:  - XBMC-Foundation)
Kodi M3U IPTV Editor (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\9dd71a3ef5f76512) (Version: 1.3.6.0 - Gabriel Denys)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MyHarmony (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
MyMDb 3.6 (HKLM-x32\...\MyMDb_1) (Version:  - )
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
OpenVPN 2.3.8-I601  (HKLM-x32\...\OpenVPN) (Version: 2.3.8-I601 - )
Oracle VM VirtualBox 5.0.20_Sirrix (HKLM\...\{D5D3DA57-5784-4703-845B-7AC08D13C4DE}) (Version: 5.0.20 - Sirrix AG)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paltalk Messenger  11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.646.17836 - AVM Software Inc.)
Password Safe and Repository 7 (HKLM\...\{7B6F4DF3-57DA-49AD-8A6B-5639E9D66E8B}) (Version: 7.5.1.2259 - MATESO GmbH)
PeaZip 6.1.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PeaZip configuration (WIN64) (HKLM\...\{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version:  - Giorgio Tani)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Qt (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\{81da7fc6-efa6-4d35-b234-db73874b715f}) (Version: 2.0.3 - The Qt Company Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
SolveigMM AVI Trimmer+ Version 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version:  - )
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Sticky Password 8.0.8.116 (HKLM-x32\...\Sticky Password_is1) (Version: 8.0 - Lamantine Software)
Streaming Video Recorder V5.1.5 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.5 - APOWERSOFT LIMITED)
Strumenti di correzione di Microsoft Office 2016 - Italiano (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Total Network Inventory 3.2.6 (build 2170) (HKLM-x32\...\Total Network Inventory 3_is1) (Version: 3.2.6 (build 2170) - Softinventive Lab Inc.)
Total Network Monitor 2.2.0 build 5530 (HKLM-x32\...\Total Network Monitor 2_is1) (Version: 2.2.0.5530 - Softinventive Lab Inc.)
Total Recorder 8.6 Standard Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
TraXEx 7.0 (HKLM-x32\...\TraXEx_is1) (Version: 7.0.5.0 - Alexander Miehlke Softwareentwicklung)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unreal Tournament 3 Black Edition (HKLM-x32\...\Unreal Tournament 3 Black Edition_is1) (Version:  - )
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115087) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}_Office16.PROPLUS_{3548386C-51B2-4935-9EFC-76AB7048E4C0}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
WhatsApp (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Wondershare TunesGo Retro ( Version 4.9.4 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.9.4 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.9.20150724 - Xilisoft)
Yahoo Messenger (HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\yahoomessenger) (Version: 0.8.267 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2615813048-3284018108-3599952075-1004_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {014A23F3-4FD2-4CC1-89F5-50C64F67DDA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {0B31C88B-C034-447A-B8E0-8BF61BE68D8C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-16] (Realtek Semiconductor)
Task: {0FA1FC81-0D50-4851-AC9F-2C2EAE5040FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {194DD19D-B90E-4126-96BD-7E1DDE29E035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2151EF65-8E8C-444A-8F75-D90BB06DE0B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {314B3FC5-739D-47A9-8702-E033F3877F43} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {3A2C9311-F1E6-4C8E-BC84-28963425BD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {403891A6-380F-4B4D-9116-4D4E4D107905} - System32\Tasks\HPCeeScheduleForhochs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4F708D11-6462-461D-AD1A-A85CDB630AFF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {5AF9AC36-72BD-4969-B753-A860668E308B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-16] (Realtek Semiconductor)
Task: {5C273A34-718A-4DB0-91C6-112B4C8BE155} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2016-08-07] (Samsung Electronics)
Task: {62DA9560-171B-40EF-8500-CA0D2108E695} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {6440FA74-FEF2-45CC-A74A-33DA3DFC7D43} - System32\Tasks\Disconnect Desktop Updater => C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [2015-09-23] (Disconnect)
Task: {65126962-FAF2-419E-AA5E-207404D56351} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {69150610-66DB-492D-AA16-C7922304FAD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {6C75780B-C958-436F-9B36-56BD2DC44DDE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {78322402-802C-4E32-93A7-8BD20C1A6AD6} - System32\Tasks\IPTV-Aufnahme Teleclub => C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe [2016-01-19] (Apowersoft)
Task: {95397DA6-0DEF-4CC5-B6FA-635F80193EA2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {BA059C9F-ED71-4C77-A4E7-CF7D5A77419C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {BD932F3F-F960-4A3B-9146-CBF0CEA98DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C21528CB-8193-47C7-A21F-64C9F317D0C2} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe
Task: {C71A9BB8-F2FC-460A-92F8-10CB9CF6954D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C7C7393C-4D2D-4359-9920-EC35D89E8143} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-08-18] (Avira Operations GmbH & Co. KG)
Task: {CA58EC51-4051-4FD1-9F64-02DB8C292240} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {DF31084A-F0BF-473E-A826-E5F32B090670} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {E627355A-F73B-4AF5-B3E1-3426007C6138} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhochs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-07 14:18 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 07:41 - 2016-03-18 07:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2016-08-25 18:26 - 2016-08-25 18:26 - 06086744 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-08-21 14:38 - 2016-08-21 14:38 - 01277688 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-07-04 04:16 - 2016-07-04 04:16 - 00287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-07-04 07:01 - 2016-07-04 07:01 - 00287256 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02513920 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 02436096 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-05-27 13:45 - 2016-03-09 17:18 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2016-08-20 08:45 - 2016-09-04 06:11 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 14:31 - 2016-08-07 14:31 - 00959168 _____ () C:\Users\hochs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-01 00:26 - 2013-04-07 14:37 - 00081920 _____ () C:\Program Files (x86)\TraXEx\Integration\CppShellExtContextMenuHandler.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-07-23 05:39 - 2016-07-23 05:39 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2016-08-30 18:28 - 2016-08-30 18:28 - 01249792 _____ () C:\Users\hochs\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-08-24 03:38 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 02:26 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-01 02:29 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 02:29 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-25 03:04 - 2013-09-25 03:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 03:01 - 2013-09-25 03:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 03:08 - 2013-09-25 03:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-08-21 14:28 - 2016-08-21 14:28 - 00586352 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-06-09 10:27 - 2016-06-09 10:27 - 04535192 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe
2016-08-21 15:11 - 2016-08-21 15:11 - 04657312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-08-21 14:37 - 2016-08-21 14:37 - 01516920 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2016-08-11 14:29 - 2016-08-11 14:29 - 09729272 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-08-27 08:08 - 2016-07-01 09:02 - 00257872 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2016-05-27 07:02 - 2016-07-22 08:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-05-27 07:02 - 2016-07-22 08:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-21 15:11 - 2016-08-21 15:11 - 03847320 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2016-08-03 15:47 - 2016-08-03 15:47 - 00685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2016-08-21 15:05 - 2016-08-21 15:05 - 20655296 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00391088 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-07-23 17:15 - 2016-07-23 17:15 - 00129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-08-11 14:14 - 2016-08-11 14:14 - 00248752 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-06-14 17:24 - 2016-06-14 17:24 - 00444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-06-22 09:16 - 2016-06-22 09:16 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00048400 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_date_time-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00049424 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_thread-vc90-mt-1_39.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00068504 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashRpt.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00618256 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_regex-vc90-mt-1_39.dll
2016-06-09 10:28 - 2016-06-09 10:28 - 00544152 _____ () C:\Program Files (x86)\Audials\Audials 2016\StreamingClient.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00016144 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_system-vc90-mt-1_39.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00340992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\253112fb994d35639dccd8cfd4d8ea44\Utils.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00549888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\c2038fe4c76d7c29e7c8c678ce57ce9b\ManagedInterfaces.ni.dll
2016-08-14 01:26 - 2016-08-14 01:26 - 04721664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\0cbf997999fb8e51109670cf37d0e1f5\AudialsComponents.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00774144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\310fef0d63d899fee88ad0282663d230\RSControls.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00177664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\63dae86ea47483367bae63c22fd55c56\fastJSON.ni.dll
2016-08-08 16:59 - 2016-08-08 16:59 - 00062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\a68af5e6e5d69b9e255d6b41d82c7688\CrashHandlerNET.ni.dll
2016-06-09 10:27 - 2016-06-09 10:27 - 00040856 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashHandlerNET.dll
2016-07-11 12:34 - 2016-07-11 12:34 - 20925320 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCLR.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00016896 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_system-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00047616 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_signals-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 11112904 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CPCAPI2_SharedLibrary.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00084480 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_thread-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00633856 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_regex-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00104960 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_filesystem-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00041984 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_date_time-vc110-mt-1_58.dll
2015-07-03 16:43 - 2015-07-03 16:43 - 00025600 _____ () C:\Program Files (x86)\CounterPath\Bria 4\boost_chrono-vc110-mt-1_58.dll
2016-07-11 12:13 - 2016-07-11 12:13 - 00199168 _____ () C:\Program Files (x86)\CounterPath\Bria 4\G729AsDLL.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01006080 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 53437440 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libcef.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 01942016 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\ffmpeg.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 02196480 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libglesv2.dll
2016-08-18 18:24 - 2016-08-18 18:24 - 00080384 _____ () C:\Users\hochs\AppData\Local\yahoomessenger\app-0.8.267\libegl.dll
2016-09-02 03:29 - 2016-07-26 14:26 - 00796160 _____ () C:\Program Files (x86)\Sticky Password\DLLs\unicodedata.pyd
2016-09-02 03:29 - 2016-07-26 14:26 - 00231936 _____ () C:\Program Files (x86)\Sticky Password\DLLs\pyexpat.pyd
2016-03-11 10:54 - 2016-03-11 10:54 - 00683520 _____ () C:\Program Files (x86)\CounterPath\Bria 4\CefSharp.BrowserSubprocess.Core.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 01976832 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libglesv2.dll
2016-03-11 10:54 - 2016-03-11 10:54 - 00075264 _____ () C:\Program Files (x86)\CounterPath\Bria 4\libegl.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 06068656 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2016-08-21 14:27 - 2016-08-21 14:27 - 00049072 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-08-14 15:18 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-08-14 15:18 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-09-04 06:12 - 2015-03-27 18:24 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll
2016-09-04 06:12 - 2016-06-02 00:06 - 02226688 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll
2016-06-22 11:27 - 2016-06-22 11:27 - 00217008 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2016-03-09 10:28 - 2016-03-09 10:28 - 00042416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2016-07-02 21:30 - 2016-07-02 21:30 - 00376240 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\ProgramData\TEMP:D31D1159 [148]
AlternateDataStreams: C:\Users\hochs\Desktop\tdsskiller.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.

IE trusted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7914 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-08-28 14:02 - 2016-09-01 13:10 - 00000021 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2615813048-3284018108-3599952075-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2615813048-3284018108-3599952075-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{71BC129C-DD6F-4727-8E33-B3F72F789FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2BCDD67C-3F96-40D2-AFFB-3D4D9DF92F3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF06A1D3-2D4E-4328-B0BE-E39765116DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{454DE9C3-1D7E-400B-A792-9A6FE6AD393C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EB3A212-D803-4E22-8BC4-7058DDEEE41A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8DEAC3A1-4C3F-49E3-9654-480C27A8EDB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9B54A4BA-29F0-4D56-A69B-F6FF9815D1B9}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{B5793EA5-DBFC-4121-94ED-5B37D9317901}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{0D14957E-832B-4B7F-951A-325AC2201CFB}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{2E41912B-61BE-48DA-BEC3-A6F2C68BF9EE}C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\hochs\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{678E119B-A233-45E6-A725-A6A33BD246DB}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{C1310BC5-F429-4A87-B7EC-1BF81C20A04C}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{69256106-0642-4C68-B603-E70390ACE657}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{AC30E9FC-FB28-422C-ACCA-7E3E7F7D175B}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [{889938CA-6E77-4AE4-8E54-7FE28D2E4CE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{58C0D146-0CFC-4BB0-9B67-BFACDE543F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{DAAD7992-B9D3-4CB9-80EA-52D898804520}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{60C076A3-7850-449E-A412-01F75CA482E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{8DA3ED20-46F5-4DA2-9DA6-8DE5201190DB}] => (Allow) LPort=1688
FirewallRules: [{3FA5C158-EB01-4D72-856C-723D882B8DF8}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [{FF620410-5524-49C5-B096-CD8632AF202E}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe
FirewallRules: [TCP Query User{511025B3-0383-4480-A08C-F1CDCA5F588A}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [UDP Query User{B2CE4AA4-3E6C-4889-9B4F-431DC70C8A99}C:\program files (x86)\counterpath\bria 4\bria4.exe] => (Allow) C:\program files (x86)\counterpath\bria 4\bria4.exe
FirewallRules: [TCP Query User{88F2C063-DC0A-4E23-A3B0-5812D4D955F6}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{8143A44A-CF79-4B7F-A40C-5D6B5250DB27}C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{47104632-9649-476B-9B46-E0C08B74F7FD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{6890CE15-6432-4588-9536-B2BDF4ACF54A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{E5D59600-8DE6-4481-80D4-DD74592385F5}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [UDP Query User{0FFC06CE-8CD4-41A5-9FC7-4EB39B68694D}D:\candiload\load.exe] => (Allow) D:\candiload\load.exe
FirewallRules: [TCP Query User{02FADEE2-2C87-475E-B663-491838DD6E34}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{F3779F9F-F43E-4D27-BB13-A5920D03C3FF}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{CDD20C47-B894-413A-8455-185D51FA810D}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe
FirewallRules: [{1277B574-7D5C-41CF-9C14-BB5A5840FE29}] => (Allow) C:\Users\admin\AppData\Roaming\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe

==================== Wiederherstellungspunkte =========================

04-09-2016 13:27:14 Windows Update
07-09-2016 02:48:44 sicherung-07-09-2016

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Killer Wireless-N 1202 Network Adapter
Description: Killer Wireless-N 1202 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/08/2016 09:13:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:12:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:12:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:11:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:10:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.

Error: (09/08/2016 09:08:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Wu6H89XZO6xCI9qvE4wJQA==._http._tcp.local. port 58082.


Systemfehler:
=============
Error: (09/08/2016 09:06:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 09:06:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 09:06:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 09:06:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/08/2016 09:06:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/08/2016 09:06:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (09/08/2016 09:05:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: Der Server "{53362C64-A296-4F2D-A2F8-FD984D08340B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2016 09:05:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GBIJB17)
Description: Der Server "{53362C64-A296-4F2D-A2F8-FD984D08340B}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2016 08:36:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 08:36:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 11%
Installierter physikalischer RAM: 32717.54 MB
Verfügbarer physikalischer RAM: 29075.79 MB
Summe virtueller Speicher: 32917.54 MB
Verfügbarer virtueller Speicher: 28039.66 MB

==================== Laufwerke ================================

Drive c: (Windows 10 ) (Fixed) (Total:380.77 GB) (Free:213.24 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:101.48 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 5B98F280)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 10.09.2016, 11:45   #14
Deathkid535
/// Malwareteam
 
Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Standard

Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus



Hi,

Schritt # 1: ESET


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt # 2: Bitte Posten
  • Das Log von ESET

Antwort

Themen zu Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus
adobe, avast, bonjour, computer, converter, defender, downloader, explorer, firefox, flash player, free download, homepage, installation, internet, karte, keylogger, malware, mozilla, officejet, prozesse, realtek, registry, safer networking, scan, svchost.exe, system, trojaner, virus, windows, windows 10, wlan



Ähnliche Themen: Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus


  1. Vermutung auf Viren oder Windows 10 beschädigt!
    Plagegeister aller Art und deren Bekämpfung - 28.08.2016 (15)
  2. Vermutung an Trojaner oder Virus
    Plagegeister aller Art und deren Bekämpfung - 09.02.2016 (61)
  3. Magento-Lücke: Angreifer können gezielt Kreditkarten-Daten abgreifen
    Nachrichten - 26.06.2015 (0)
  4. Virus oder Trojaner eingefangen?Private Daten verschwunden...
    Plagegeister aller Art und deren Bekämpfung - 23.10.2014 (3)
  5. Daten von 800.000 Telefonkunden in Frankreich gestohlen
    Nachrichten - 03.02.2014 (0)
  6. Geklaute Kreditkarten Daten
    Log-Analyse und Auswertung - 27.01.2014 (5)
  7. protocolmindm Website infiziert → PC oder Mac kompromittiert (FTP Daten gestohlen)
    Plagegeister aller Art und deren Bekämpfung - 22.04.2013 (2)
  8. Links auf Antiviren Seiten werden mit Google 404 abgefangen, Online Banking Daten "gestohlen"
    Plagegeister aller Art und deren Bekämpfung - 04.07.2012 (2)
  9. Windows Security-Drohung - Zahlung innerhalb 24 Stunden oder Platte wird gelöscht
    Plagegeister aller Art und deren Bekämpfung - 07.02.2012 (63)
  10. Geheime Daten bei Japans Raumfahrtagentur gestohlen
    Nachrichten - 15.01.2012 (0)
  11. Logfiles (Vermutung Botnetzwerk oder ähnliches)
    Log-Analyse und Auswertung - 28.08.2011 (3)
  12. Daten von über einer Million Kunden bei Neckermann.de gestohlen
    Nachrichten - 31.05.2011 (0)
  13. Angriff auf Playstation Network: Persönliche Daten von Millionen Kunden gestohlen
    Nachrichten - 27.04.2011 (0)
  14. PSN-Hack: Persönliche Daten von Millionen Kunden gestohlen
    Nachrichten - 27.04.2011 (0)
  15. meinen Flyff Daten wurden gestohlen !
    Plagegeister aller Art und deren Bekämpfung - 18.11.2009 (2)
  16. [Vermutung] Immernoch Trojaner und/oder Malware
    Plagegeister aller Art und deren Bekämpfung - 15.12.2008 (1)

Zum Thema Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus - Hallo zusammen ich habe den Verdacht, dass ich von einem Trojaner/Virus/Malware befallen bin. Der Computer reagiert allerdings normal, bei allen Aktivitäten. Auch ist mein Computer nicht langsamer geworden, ausser bei - Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus...
Archiv
Du betrachtest: Kreditkarten Daten innerhalb kürzester Zeit 2x gestohlen / Vermutung Trojaner oder Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.