Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: s4400.exe im Autostart gefunden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.01.2017, 23:37   #1
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Hallo,
bin eher zufällig in der Windows Problembehandlung auf s4400.exe gestoßen, da sie im Autostart liegt. Nach kurzer Recherche scheint dies wohl nichts seriöses zu sein. Irgendwelche Symptome sind mir eigentlich nicht aufgefallen, außer das Firefox etwas lahm beim Start ist. Neben FRST habe ich auch ein Scan mit dem ESET Online Scanner durchgeführt. In diesen logs taucht u.a. auch s4400.exe. auf. Logs musste ich leider anhängen, da sie zu groß sind. Avast hat leider nichts gefunden. Ich freue mich über jede Unterstützung und evtl.Tipps für einen besseren Schutz!

FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2017
durchgeführt von Christian (Administrator) auf CHRISTIANS (21-01-2017 21:37:46)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian & Chris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 3300 Series\lxccmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 3300 Series\ezprint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
() C:\Users\Christian\AppData\Roaming\Browser-Security\s4400.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxcccoms.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\pdf24\pdf24.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-22] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2010-03-27] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [LXCCCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCCtime.dll,RunDLLEntry
HKLM\...\Run: [lxccmon.exe] => C:\Program Files (x86)\Lexmark 3300 Series\lxccmon.exe [205744 2007-05-11] (Lexmark International, Inc.)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 3300 Series\ezprint.exe [103344 2007-05-11] (Lexmark International Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-04] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\pdf24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [safe_urls4400] => C:\Users\Christian\AppData\Roaming\Browser-Security\s4400.exe [2548944 2016-04-13] ()
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: G - G:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: H - H:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: {0db01714-473d-11e0-8913-00262d99e8fd} - G:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: {8faacd50-39a9-11df-90b2-806e6f6e6963} - D:\index.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [438272 2009-07-08] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-04] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90C2A999-56B9-4318-8ACA-7CE488E4188D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE375
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default [2017-01-21]
FF user.js: detected! => C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\user.js [2016-05-01]
FF NewTab: Mozilla\Firefox\Profiles\ocnhs87e.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ocnhs87e.default -> Search Provided by Yahoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ocnhs87e.default -> Search Provided by Yahoo
FF Homepage: Mozilla\Firefox\Profiles\ocnhs87e.default -> www.google.com
FF Extension: (Browser-Security) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\Extensions\firefox@browser-security.de.xpi [2016-09-21]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-15] [ist nicht signiert]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\bing-avast.xml [2014-06-11]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\google-images.xml [2014-11-10]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\google-maps.xml [2014-11-10]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\Search Provided by Yahoo.xml [2016-05-01]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\youtube.xml [2016-01-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-19] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-03-04] (Apple Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2017-01-04] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-09-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-09-18] (BlueStack Systems, Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-01-09] ()
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( )
R2 lxcc_device; C:\Windows\SysWOW64\lxcccoms.exe [537520 2007-03-26] ( )
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-04] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-05-18] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2017-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-04] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-09-18] (BlueStack Systems)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-29] (DT Soft Ltd)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [Datei ist nicht signiert]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2010-11-21] () [Datei ist nicht signiert]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-11-12] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-21 21:37 - 2017-01-21 21:37 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2017-01-19 15:20 - 2017-01-19 15:20 - 00000974 _____ C:\Users\Public\Desktop\Pixum Fotoimporter.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000959 _____ C:\Users\Public\Desktop\Pixum Fotoschau.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000954 _____ C:\Users\Public\Desktop\Pixum Fotowelt.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixum Fotowelt
2017-01-19 15:12 - 2017-01-19 15:12 - 00000000 ____D C:\Program Files\Pixum
2017-01-19 15:09 - 2017-01-19 15:09 - 01629912 _____ C:\Users\Christian\Downloads\setup_Pixum_Fotowelt.exe
2017-01-14 14:29 - 2017-01-14 14:29 - 00038650 _____ C:\Users\Christian\Desktop\Addition_1.txt
2017-01-14 14:26 - 2017-01-14 14:26 - 00061076 _____ C:\Users\Christian\Desktop\FRST_1.txt
2017-01-14 14:16 - 2017-01-14 14:18 - 00038647 _____ C:\Users\Christian\Downloads\Addition.txt
2017-01-14 14:11 - 2017-01-21 21:42 - 00030378 _____ C:\Users\Christian\Downloads\FRST.txt
2017-01-14 14:11 - 2017-01-21 21:37 - 02419712 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2017-01-14 14:11 - 2017-01-21 21:37 - 00000000 ____D C:\FRST
2017-01-14 10:05 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-14 10:05 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-14 10:05 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-14 10:05 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-14 10:05 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-14 10:05 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-14 10:05 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-14 10:05 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-14 10:05 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-14 10:05 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-14 10:05 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-14 10:05 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-14 10:05 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-14 10:05 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-14 10:05 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-14 10:05 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-14 10:05 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-14 10:05 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-14 10:05 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-14 10:05 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-14 10:05 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-14 10:05 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-14 10:05 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-14 10:05 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-14 10:05 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-14 10:05 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-14 10:05 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-14 10:05 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-14 10:05 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-14 10:05 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-14 10:05 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-14 10:05 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-14 10:05 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-14 10:05 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-14 10:05 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-14 10:05 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-14 10:05 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-14 10:05 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-14 10:05 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-14 10:05 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-14 10:05 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-14 10:05 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-14 10:05 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-14 10:05 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-14 10:05 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-14 10:05 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-14 10:05 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-14 10:05 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-14 10:05 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-14 10:05 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-14 10:05 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-14 10:05 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-14 10:05 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-14 10:05 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-14 10:05 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-14 10:05 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-14 10:05 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-14 10:05 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-14 10:05 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-14 10:05 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-14 10:05 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-14 10:05 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-14 10:05 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-14 10:05 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-14 10:05 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-01-14 10:05 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-01-14 10:05 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-01-14 10:05 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-14 10:05 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-01-14 10:05 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-01-14 10:05 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-01-14 10:04 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-14 10:04 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-01-14 10:04 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-01-14 08:33 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-14 08:33 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-14 08:33 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-14 08:33 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-01-14 08:33 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-14 08:33 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-14 08:33 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-14 08:33 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-14 08:33 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-14 08:33 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-14 08:33 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-14 08:33 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-14 08:33 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-01-14 08:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-01-14 08:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-01-14 08:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-01-14 08:32 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-14 08:32 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-14 08:32 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-14 08:32 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-14 08:32 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-14 08:32 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-14 08:32 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-14 08:32 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-14 08:32 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-14 08:32 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-01-14 08:32 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-14 08:32 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-14 08:32 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-14 08:32 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-14 08:32 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-01-14 08:32 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-14 08:32 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-01-14 08:32 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-14 08:32 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-01-14 08:32 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-14 08:32 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-14 08:32 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-14 08:32 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-01-14 08:32 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-01-14 08:32 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-14 08:32 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-01-14 08:32 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-14 08:32 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-14 08:32 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-01-14 08:32 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-01-14 08:32 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-14 08:32 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-14 08:32 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-14 08:32 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-14 08:32 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-01-14 08:32 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-01-14 08:32 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-14 08:32 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-14 08:32 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-14 08:32 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-14 08:32 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-14 08:32 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-14 08:32 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-14 08:32 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-14 08:32 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-14 08:32 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-01-14 08:32 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-14 08:32 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-14 08:32 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-14 08:32 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-14 08:32 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-01-14 08:32 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-01-14 08:32 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-14 08:32 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-14 08:32 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-14 08:32 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-01-14 08:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-01-14 08:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-01-14 08:32 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-14 08:32 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-01-14 08:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-01-14 08:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-01-14 08:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-01-14 08:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-01-14 08:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-01-14 08:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-01-14 08:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-01-14 08:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-01-14 08:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-01-14 08:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-01-14 08:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-01-14 08:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-01-14 08:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-01-14 08:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-01-14 08:32 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-01-14 08:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-01-14 08:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-01-14 08:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-01-14 08:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-01-14 08:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-01-14 08:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-01-14 08:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-01-14 08:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-01-14 08:31 - 2016-08-12 17:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-01-14 08:31 - 2016-08-12 17:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-01-14 08:31 - 2016-08-12 17:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-01-14 08:24 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-14 08:24 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-14 01:15 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2017-01-14 01:15 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2017-01-14 01:15 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2017-01-14 01:15 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2017-01-14 01:15 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-01-14 01:15 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-01-14 01:15 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2017-01-14 01:15 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2017-01-14 01:15 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2017-01-14 01:03 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-01-14 00:30 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-01-14 00:30 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-01-14 00:30 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-01-14 00:30 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-01-14 00:30 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-01-14 00:30 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-01-14 00:30 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-01-13 23:05 - 2017-01-13 23:05 - 00000000 ____D C:\Program Files (x86)\ESET
2017-01-13 23:03 - 2017-01-13 23:04 - 02870984 _____ (ESET) C:\Users\Christian\Downloads\esetsmartinstaller_deu.exe
2017-01-13 21:08 - 2017-01-13 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-01-13 21:07 - 2017-01-13 21:07 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-01-13 21:01 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-01-13 21:01 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-01-13 21:01 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-01-13 21:01 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-01-13 21:01 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-01-13 21:01 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-01-13 21:01 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-01-13 21:01 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-01-13 21:01 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-01-07 17:36 - 2017-01-07 17:36 - 00044952 _____ () C:\Windows\system32\Drivers\staport.sys
2017-01-07 17:36 - 2017-01-04 16:49 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-06 22:05 - 2017-01-06 22:06 - 08803648 _____ (Piriform Ltd) C:\Users\Christian\Downloads\ccsetup525.exe
2017-01-06 21:59 - 2017-01-06 21:59 - 00017354 _____ C:\Users\Christian\Desktop\cc_20170106_215918.reg
2017-01-04 16:49 - 2017-01-04 16:49 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-21 21:36 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-21 21:36 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-21 21:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-21 21:33 - 2016-11-26 14:27 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\Mozilla
2017-01-21 21:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-21 21:06 - 2013-03-21 19:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-20 16:29 - 2011-08-10 07:14 - 00000000 ____D C:\ProgramData\hps
2017-01-20 15:52 - 2011-08-10 07:14 - 00000000 ____D C:\ProgramData\tmp
2017-01-20 15:21 - 2016-01-10 22:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 15:17 - 2010-03-27 23:58 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-20 15:17 - 2010-03-27 23:58 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-20 15:17 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-19 15:27 - 2010-11-07 18:54 - 00000000 ____D C:\Users\Christian\Documents\Maike
2017-01-19 15:26 - 2013-09-02 18:20 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-14 15:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-14 14:59 - 2009-07-14 05:45 - 00384000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-14 14:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-01-14 14:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2017-01-14 14:41 - 2013-08-15 23:19 - 00000000 ____D C:\Windows\system32\MRT
2017-01-14 14:40 - 2010-04-12 21:36 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-14 08:14 - 2010-04-12 16:08 - 00087136 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-14 07:39 - 2016-01-11 20:52 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-14 03:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2017-01-13 23:57 - 2010-04-12 16:31 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 21:11 - 2013-05-23 20:30 - 00000000 ____D C:\ProgramData\elsterformular
2017-01-13 21:08 - 2013-05-23 20:30 - 00001233 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-01-13 21:07 - 2013-05-23 20:30 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-01-13 21:07 - 2010-04-12 16:08 - 00000000 ____D C:\Users\Christian
2017-01-11 23:04 - 2013-03-21 19:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 23:04 - 2012-05-05 15:11 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 23:04 - 2012-01-06 10:03 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-11 23:04 - 2011-05-25 17:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 23:04 - 2009-11-05 01:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 21:22 - 2015-07-29 19:20 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 20:42 - 2016-01-11 20:57 - 00003916 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1452542265
2017-01-07 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2017-01-07 17:37 - 2016-01-11 20:53 - 00001886 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2017-01-06 22:07 - 2016-01-26 20:39 - 00000786 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 16:50 - 2016-01-11 20:52 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-01-04 16:50 - 2016-01-11 20:52 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-01-04 16:50 - 2016-01-11 20:52 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-01-04 16:49 - 2016-02-10 20:30 - 00453192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-01-04 16:49 - 2016-01-11 20:55 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148354505579207
2017-01-04 16:49 - 2016-01-11 20:52 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148354505741310
2017-01-04 16:49 - 2016-01-11 20:52 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148354505989512
2017-01-04 16:49 - 2016-01-11 20:52 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-04 16:32 - 2010-04-12 20:26 - 00000000 ____D C:\Program Files\Lx_cats
2017-01-01 19:01 - 2013-01-03 20:20 - 00000000 ____D C:\Users\Christian\Documents\Haus
2017-01-01 15:35 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-15 22:02 - 2013-12-15 22:02 - 49940480 _____ () C:\Program Files (x86)\GUT8B60.tmp
2012-09-29 11:07 - 2012-09-29 11:07 - 4096000 _____ () C:\Program Files (x86)\GUTC4E5.tmp
2009-11-05 04:32 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-10-22 18:20 - 2011-10-22 18:20 - 0040023 _____ () C:\Users\Christian\AppData\Roaming\UserTile.png
2016-05-02 20:32 - 2016-05-02 20:32 - 0000000 _____ () C:\Users\Christian\AppData\Roaming\wklnhst.dat
2014-11-09 10:02 - 2014-11-09 10:02 - 0000000 ____H () C:\Users\Christian\AppData\Local\BITBC9C.tmp
2014-10-04 12:16 - 2014-10-04 12:16 - 0000000 ____H () C:\Users\Christian\AppData\Local\BITF6E3.tmp
2011-11-12 20:41 - 2012-01-21 21:06 - 0004608 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 11:23 - 2014-08-16 11:23 - 0000000 _____ () C:\Users\Christian\AppData\Local\{7ED8E7B9-4F08-484E-817E-848DD9CDE9F1}
2014-10-04 12:16 - 2014-10-04 12:16 - 0000000 _____ () C:\Users\Christian\AppData\Local\{8858B090-F6C4-46D4-B2C6-029364D62B48}
2014-11-09 10:02 - 2014-11-09 10:02 - 0000000 _____ () C:\Users\Christian\AppData\Local\{97C37D8A-FD78-43E0-A147-B2633B9D913F}
2014-06-19 23:01 - 2014-06-19 23:01 - 0000000 _____ () C:\Users\Christian\AppData\Local\{FC1858E6-211E-4D27-851C-51ECB52E1969}
2011-01-22 20:46 - 2016-01-26 20:28 - 0000040 ___SH () C:\ProgramData\.zreglib
2010-03-27 15:14 - 2010-03-27 15:17 - 0008728 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-04-12 16:32 - 2010-04-12 16:32 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-11-05 04:33 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2014-04-22 05:07 - 2014-04-22 05:07 - 1133168 _____ () C:\ProgramData\SPL27DA.tmp
2014-06-16 20:27 - 2014-06-16 20:27 - 0352893 _____ () C:\ProgramData\SPL2DD5.tmp
2014-04-25 20:26 - 2014-04-25 20:26 - 0352893 _____ () C:\ProgramData\SPL3766.tmp
2012-09-12 20:16 - 2012-09-12 20:16 - 0198564 _____ () C:\ProgramData\SPL4635.tmp
2013-01-12 13:00 - 2013-01-12 13:00 - 4590864 _____ () C:\ProgramData\SPL4E52.tmp
2010-09-23 19:55 - 2010-09-23 19:55 - 1644156 _____ () C:\ProgramData\SPL5428.tmp
2016-01-19 21:09 - 2016-01-19 21:09 - 7627120 _____ () C:\ProgramData\SPL54CE.tmp
2010-04-15 21:12 - 2010-04-15 21:12 - 3682379 _____ () C:\ProgramData\SPL558F.tmp
2012-05-05 14:45 - 2012-05-05 14:45 - 4171844 _____ () C:\ProgramData\SPL5FC0.tmp
2014-01-12 16:51 - 2014-01-12 16:51 - 2561400 _____ () C:\ProgramData\SPL6E44.tmp
2012-05-05 15:15 - 2012-05-05 15:15 - 3552504 _____ () C:\ProgramData\SPL82C7.tmp
2010-09-15 19:45 - 2010-09-15 19:45 - 7283506 _____ () C:\ProgramData\SPL9039.tmp
2013-08-25 19:02 - 2013-08-25 19:02 - 1453175 _____ () C:\ProgramData\SPL978D.tmp
2012-09-10 20:00 - 2012-09-10 20:00 - 2186048 _____ () C:\ProgramData\SPL9D76.tmp
2014-04-21 19:34 - 2014-04-21 19:34 - 1133168 _____ () C:\ProgramData\SPLA8B1.tmp
2010-09-14 14:30 - 2010-09-14 14:30 - 16796348 _____ () C:\ProgramData\SPLA902.tmp
2010-05-30 21:24 - 2010-05-30 21:24 - 0393499 _____ () C:\ProgramData\SPLC531.tmp
2012-09-12 05:47 - 2012-09-12 05:47 - 4207025 _____ () C:\ProgramData\SPLCC4E.tmp
2014-04-25 20:51 - 2014-04-25 20:51 - 0352893 _____ () C:\ProgramData\SPLD5F3.tmp
2014-11-10 21:24 - 2014-11-10 21:24 - 5370928 _____ () C:\ProgramData\SPLD652.tmp
2012-06-10 12:45 - 2012-06-10 12:45 - 0232612 _____ () C:\ProgramData\SPLE227.tmp
2010-09-26 17:45 - 2010-09-26 17:45 - 3545360 _____ () C:\ProgramData\SPLE5B6.tmp
2010-05-28 06:26 - 2010-05-28 06:26 - 0393499 _____ () C:\ProgramData\SPLF90F.tmp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-14 06:10

==================== Ende von FRST.txt ============================
         
Angehängte Dateien
Dateityp: zip logfiles.zip (28,9 KB, 2x aufgerufen)

Alt 22.01.2017, 01:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 22.01.2017, 01:10   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
__________________

Alt 22.01.2017, 08:07   #4
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Hallo Cosinus,
sorry, wollte die Arbeit nicht erschweren. Dachte ich hätte die Anleitung korrekt befolgt.

Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-01-2017
durchgeführt von Christian (21-01-2017 21:43:14)
Gestartet von C:\Users\Christian\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-12 15:08:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3681001805-2050292409-840652081-500 - Administrator - Disabled)
Chris (S-1-5-21-3681001805-2050292409-840652081-1056 - Limited - Enabled) => C:\Users\Chris
Christian (S-1-5-21-3681001805-2050292409-840652081-1000 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-3681001805-2050292409-840652081-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3681001805-2050292409-840652081-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7112 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}) (Version: 1.4.17.35005 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005 - Alcor Micro Corp.) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.7.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{422691F3-3CFA-6607-06D6-CA579E6B35AD}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
BlueStacks (HKLM-x32\...\{B760B0E0-B517-4D0A-85C0-016ABDBA4A73}) (Version: 0.7.4.793 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.03 - Broadcom Corporation)
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.1.2.0 - Vondos Media GmbH) <==== ACHTUNG
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.21763 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Express Zip (HKLM-x32\...\ExpressZip) (Version:  - NCH Software)
Free YouTube Download version 3.2.10.812 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.10.812 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 9.01 (HKLM-x32\...\GPL Ghostscript 9.01) (Version:  - )
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{A38E954F-9043-42BD-9DE9-246ED183791D}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
Lexmark 3300 Series (HKLM\...\Lexmark 3300 Series) (Version:  - Lexmark International, Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NAVIGON Fresh 1.2 (HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\NAVIGON Fresh) (Version: 1.2 - NAVIGON)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NAVIGON Sync 1.0 (HKLM-x32\...\NAVIGON Sync) (Version: 1.0 - NAVIGON)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Search Provided by Yahoo (HKLM-x32\...\YahooProvidedSearch) (Version:  - ) <==== ACHTUNG
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
SUPER © Version 2010.bld.38 (May 2, 2010) (HKLM-x32\...\SUPER ©) (Version: Version 2010.bld.38 (May 2, 2010) - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
XBMC (HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\XBMC) (Version:  - Team XBMC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0904C69E-2684-4C4A-89B3-22842BD7E107} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {0CA99CAC-74B6-4C44-AB23-59729C454221} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {1C9F82FC-A2FB-4BCC-82DE-5BFFA3DBA02F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2A47C0B9-CFC6-4814-A0A0-36B2E416A682} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {373F34F6-975B-44EE-92DD-DBE4D15028BB} - System32\Tasks\SafeZone scheduled Autoupdate 1452542265 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {7199CCB8-130D-4BF5-AA4B-17B761DE5CBB} - System32\Tasks\{26FF3FB1-352D-450C-BBE8-7627F3AD2527} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20] (Skype Technologies S.A.)
Task: {7F8444B8-6F6A-475B-8CE5-52D952CA1796} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {8FF52E57-D9E2-4579-BEAC-5C75CBA3F752} - System32\Tasks\{44A16C56-8230-48AF-A25A-A6A7E14712AE} => pcalua.exe -a D:\Setup.EXE -d D:\
Task: {A4829921-5CBB-4F82-B1FF-687B56B2C682} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-04] (AVAST Software)
Task: {ABBF228D-A001-43BC-91F6-E71B433221BA} - System32\Tasks\{DCC2FE68-47E7-4720-820D-0F7D658B3EFE} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {ADFDBF3B-AFC1-44A1-9013-8B881C16BAFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {B8F5E834-3A74-4C7B-8EC2-6DEA05467EA4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CAA62C34-E5EF-4975-A926-FA12836D5DEA} - System32\Tasks\{95EC3DCD-D6FC-4B7D-964E-E03B0631DC47} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.158.217/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {DDDAD517-AC4C-4529-8E8D-794FE173FB0A} - System32\Tasks\{389418FA-D95B-42C8-98C3-D7B39716704E} => pcalua.exe -a C:\Users\Christian\Downloads\SABnzbd-0.7.3-win32-setup.exe -d C:\Users\Christian\Downloads
Task: {DE18920C-A5A7-4283-821D-5E29E2052FEC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ECDAC19C-50C3-4E61-B93C-3B801A56751E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Christian\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm

ShortcutWithArgument: C:\Users\Public\Desktop\Acer Zubehör Shop.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/de?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-03-27 15:12 - 2010-03-27 15:12 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-10-13 04:45 - 2015-10-13 04:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-01 20:47 - 2016-04-13 13:52 - 02548944 _____ () C:\Users\Christian\AppData\Roaming\Browser-Security\s4400.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-09-15 21:11 - 2010-03-04 22:38 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2013-11-15 01:48 - 2013-11-15 01:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-04-18 00:19 - 2010-04-18 00:19 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-21 21:03 - 2017-01-21 21:03 - 04458584 _____ () C:\Program Files\AVAST Software\Avast\defs\17012100\algo.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2011-03-29 20:18 - 2005-12-13 14:51 - 00122880 _____ () C:\Program Files (x86)\Lexmark 3300 Series\lxccdrec.dll
2011-03-29 20:18 - 2005-06-14 16:08 - 00196608 _____ () C:\Program Files (x86)\Lexmark 3300 Series\iptk.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-11-15 01:49 - 2013-11-15 01:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{00B8CE5B-4C6D-4D29-90E4-CFEB21E4013B}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48FE94D9-B0DC-4874-B5D6-2E11B770605F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC80E749-3469-467B-B376-4F16F1A685B9}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{ED013B1C-4F43-4865-8BD0-F0EBCB322345}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{9C8FC3B5-2404-4350-A316-1A54E7D78462}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{C3E949CE-546C-452A-A9A5-C9CC3B131788}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{ED2CAC22-7FCB-4740-A024-ECF3E79C8C95}] => LPort=5357
FirewallRules: [{BFCA5553-4C79-40D6-8AD1-D1C43D8EB80A}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{6F466CF5-BB2A-40CC-AFBE-301467B9C2F1}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{D14FC9F7-0C8A-4C89-9B4C-A44A9C1E53AF}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{882FA790-800B-4B1D-99A4-6507B5404FAE}] => C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

13-01-2017 21:39:02 Windows Update
13-01-2017 23:55:15 ASU_MSI_TRAN
14-01-2017 01:20:53 Windows Update
14-01-2017 14:38:36 Windows Update
19-01-2017 15:12:40 Windows Update
20-01-2017 15:18:50 Windows Update
21-01-2017 21:14:50 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/21/2017 09:30:41 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/21/2017 09:08:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christian\Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/21/2017 09:05:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/20/2017 03:45:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3724) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Christian\AppData\Local\Microsoft\Windows\WebCache\V0100006.log.

Error: (01/20/2017 03:40:29 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/20/2017 03:22:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Pixum Fotowelt.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15b4

Startzeit: 01d273280863f166

Endzeit: 24

Anwendungspfad: C:\Program Files\Pixum\Pixum Fotowelt\Pixum Fotowelt.exe

Berichts-ID: c1cec129-df1b-11e6-9f50-00262d99e8fd

Error: (01/20/2017 03:07:14 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/19/2017 03:47:14 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/19/2017 03:11:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christian\Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/19/2017 03:04:20 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


Systemfehler:
=============
Error: (01/21/2017 09:34:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Support Solutions Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/21/2017 09:34:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP Support Solutions Framework Service erreicht.

Error: (01/21/2017 09:33:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (01/21/2017 09:30:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/21/2017 09:30:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/21/2017 09:30:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device Service erreicht.

Error: (01/21/2017 09:29:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (01/21/2017 09:17:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{752073A1-23F2-4396-85F0-8FDB879ED0ED}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/21/2017 09:13:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/21/2017 09:12:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IKEEXT erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 6004.5 MB
Verfügbarer physikalischer RAM: 4131.27 MB
Summe virtueller Speicher: 12007.18 MB
Verfügbarer virtueller Speicher: 9988.83 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:27.4 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C244C244)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Und hier das log vom ESET Online Scanner:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b54a83bc025d9641a28195bf21cd603b
# end=init
# utc_time=2017-01-13 10:05:13
# local_time=2017-01-13 11:05:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 32056
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b54a83bc025d9641a28195bf21cd603b
# end=updated
# utc_time=2017-01-13 10:08:13
# local_time=2017-01-13 11:08:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b54a83bc025d9641a28195bf21cd603b
# engine=32056
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-14 02:04:40
# local_time=2017-01-14 03:04:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avast Antivirus'
# compatibility_mode=796 16777213 100 100 556115 31821179 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 18686631 235989330 0 0
# scanned=323904
# found=5
# cleaned=0
# scan_time=14186
sh=1C6BF3D330BDEA6F9CFAE39C6019A53F69BFC0E5 ft=1 fh=c15f3c1448f263ca vn="Variante von Win32/Adware.BrowSecX.AQ Anwendung" ac=I fn="C:\Users\Christian\AppData\Roaming\Browser-Security\s4400.exe"
sh=8D4EE03A6DDAC657E6CB269802AA25F3666EB66E ft=1 fh=fd18acfcf5c23241 vn="Variante von Win32/Adware.BrowSecX.AQ Anwendung" ac=I fn="C:\Users\Christian\AppData\Roaming\Browser-Security\uninstall.exe"
sh=40755CDA7736354F3C78377ED850D93326967165 ft=1 fh=0e498a953b1b72da vn="Variante von Win32/InstallCore.AGK eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Christian\Downloads\FreeAudioConverter_5.0.79.425.exe"
sh=67A4EA8E3B929242B19D85490801AC633AC4ED12 ft=1 fh=986452898c828fe6 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Christian\Downloads\Nano SIM Schablone PDF Vorlage - CHIP-Installer.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Adware.BrowSecX.AQ Anwendung" ac=I fn="${Memory}"
         

Alt 23.01.2017, 10:28   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.01.2017, 10:08   #6
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



In beiden Schritten ohne Fund.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.23.08
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Christian :: CHRISTIANS [administrator]

23.01.2017 20:39:14
mbar-log-2017-01-23 (20-39-14).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 382272
Time elapsed: 1 hour(s), 6 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
10:01:15.0564 0x12e8  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
10:01:26.0270 0x12e8  ============================================================
10:01:26.0271 0x12e8  Current date / time: 2017/01/24 10:01:26.0270
10:01:26.0271 0x12e8  SystemInfo:
10:01:26.0271 0x12e8  
10:01:26.0271 0x12e8  OS Version: 6.1.7601 ServicePack: 1.0
10:01:26.0271 0x12e8  Product type: Workstation
10:01:26.0271 0x12e8  ComputerName: CHRISTIANS
10:01:26.0271 0x12e8  UserName: Christian
10:01:26.0271 0x12e8  Windows directory: C:\Windows
10:01:26.0271 0x12e8  System windows directory: C:\Windows
10:01:26.0271 0x12e8  Running under WOW64
10:01:26.0271 0x12e8  Processor architecture: Intel x64
10:01:26.0271 0x12e8  Number of processors: 4
10:01:26.0271 0x12e8  Page size: 0x1000
10:01:26.0271 0x12e8  Boot type: Normal boot
10:01:26.0271 0x12e8  CodeIntegrityOptions = 0x00000001
10:01:26.0271 0x12e8  ============================================================
10:01:26.0468 0x12e8  KLMD registered as C:\Windows\system32\drivers\27058606.sys
10:01:26.0468 0x12e8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
10:01:27.0002 0x12e8  System UUID: {D82D3E72-B57D-4224-0919-E7F63E78169F}
10:01:27.0816 0x12e8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:01:27.0822 0x12e8  ============================================================
10:01:27.0822 0x12e8  \Device\Harddisk0\DR0:
10:01:27.0822 0x12e8  MBR partitions:
10:01:27.0822 0x12e8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
10:01:27.0822 0x12e8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x389EF030
10:01:27.0822 0x12e8  ============================================================
10:01:27.0860 0x12e8  C: <-> \Device\Harddisk0\DR0\Partition2
10:01:27.0861 0x12e8  ============================================================
10:01:27.0861 0x12e8  Initialize success
10:01:27.0861 0x12e8  ============================================================
10:03:49.0255 0x0448  ============================================================
10:03:49.0255 0x0448  Scan started
10:03:49.0255 0x0448  Mode: Manual; SigCheck; TDLFS; 
10:03:49.0255 0x0448  ============================================================
10:03:49.0255 0x0448  KSN ping started
10:03:49.0629 0x0448  KSN ping finished: true
10:03:50.0862 0x0448  ================ Scan system memory ========================
10:03:50.0862 0x0448  System memory - ok
10:03:50.0862 0x0448  ================ Scan services =============================
10:03:51.0080 0x0448  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:03:51.0220 0x0448  1394ohci - ok
10:03:51.0330 0x0448  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:03:51.0361 0x0448  ACPI - ok
10:03:51.0423 0x0448  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:03:51.0532 0x0448  AcpiPmi - ok
10:03:51.0657 0x0448  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:03:51.0673 0x0448  AdobeARMservice - ok
10:03:51.0844 0x0448  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:03:51.0860 0x0448  AdobeFlashPlayerUpdateSvc - ok
10:03:51.0938 0x0448  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:03:51.0985 0x0448  adp94xx - ok
10:03:52.0047 0x0448  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:03:52.0078 0x0448  adpahci - ok
10:03:52.0094 0x0448  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:03:52.0125 0x0448  adpu320 - ok
10:03:52.0156 0x0448  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:03:52.0312 0x0448  AeLookupSvc - ok
10:03:52.0390 0x0448  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
10:03:52.0484 0x0448  AFD - ok
10:03:52.0546 0x0448  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
10:03:52.0578 0x0448  AgereModemAudio - ok
10:03:52.0640 0x0448  [ A6AB6F0ACE87DA76B4C401813D18BE95, 6AE72E0F07DF2164A3198E14A6AE7E15F0B8EB467D2D68960A006E360DBBA891 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
10:03:52.0749 0x0448  AgereSoftModem - ok
10:03:52.0812 0x0448  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:03:52.0843 0x0448  agp440 - ok
10:03:52.0874 0x0448  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:03:52.0921 0x0448  ALG - ok
10:03:52.0983 0x0448  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:03:53.0014 0x0448  aliide - ok
10:03:53.0061 0x0448  [ B4143CB1DD16AE73C6177C72F33450A6, D675AEF56FF030314AB3B4F13A81D72272E67AE10E415058928182A3B8370FE1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:03:53.0092 0x0448  AMD External Events Utility - ok
10:03:53.0092 0x0448  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:03:53.0108 0x0448  amdide - ok
10:03:53.0155 0x0448  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:03:53.0217 0x0448  AmdK8 - ok
10:03:53.0467 0x0448  [ D1D06810BF7E21F5763EB06CB7E7262B, 77DEEA2C76D1C3E65E3D4F1FB2C671195019E9B78336EA4E040565DB88228611 ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
10:03:53.0764 0x0448  amdkmdag - ok
10:03:53.0795 0x0448  [ 6BA71D6616B56816E57394D77DD1BB6F, 5250378D4CA31578D8E92DD4402E2AA34C2299EA2D9471AC5A9A7CEA46A54CB3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:03:53.0827 0x0448  amdkmdap - ok
10:03:53.0858 0x0448  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:03:53.0889 0x0448  AmdPPM - ok
10:03:53.0967 0x0448  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:03:53.0998 0x0448  amdsata - ok
10:03:54.0014 0x0448  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:03:54.0045 0x0448  amdsbs - ok
10:03:54.0061 0x0448  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:03:54.0076 0x0448  amdxata - ok
10:03:54.0139 0x0448  [ 391887990CDAA83DE5C56C3FDE966DA1, BC55E21E03B3FE7BBDBB13D56AADB8FBA74F58521AC73B105AD9788E7AE18F0B ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
10:03:54.0185 0x0448  AmUStor - ok
10:03:54.0279 0x0448  [ 821E7E501226EE344FDB0F40EE46109D, E535714C4FD2F7ECFC86366A5DBCC1048FCA4AC0BC78D69E5D6B4B859577326A ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
10:03:54.0310 0x0448  AnyDVD - ok
10:03:54.0373 0x0448  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
10:03:54.0451 0x0448  AppID - ok
10:03:54.0466 0x0448  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:03:54.0497 0x0448  AppIDSvc - ok
10:03:54.0560 0x0448  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
10:03:54.0591 0x0448  Appinfo - ok
10:03:54.0731 0x0448  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:03:54.0747 0x0448  Apple Mobile Device Service - ok
10:03:54.0794 0x0448  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:03:54.0825 0x0448  arc - ok
10:03:54.0841 0x0448  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:03:54.0872 0x0448  arcsas - ok
10:03:55.0012 0x0448  [ 08FC11F6416923BBC614C28B4180E9A7, C829380F10E3EE92A38F2D59ED0D5B1D27B577021307E0C2C23EC901D0479006 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:03:55.0028 0x0448  aspnet_state - ok
10:03:55.0106 0x0448  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
10:03:55.0137 0x0448  aswHwid - ok
10:03:55.0168 0x0448  [ 06362BBA1347CBA0996F4B39BB1D8353, 0C6B7B085F13FB7C71E2AF481CD216C6ACB63577DC7E2793182F734378C141DA ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
10:03:55.0184 0x0448  aswKbd - ok
10:03:55.0199 0x0448  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
10:03:55.0231 0x0448  aswMonFlt - ok
10:03:55.0293 0x0448  [ A427227731E6A838E693305BE0824412, 30338F88477E34FF1391046F5FA4D21CAB8D811600D8147289C1EAE489740DEE ] aswNetNd6       C:\Windows\system32\DRIVERS\aswNetNd6.sys
10:03:55.0309 0x0448  aswNetNd6 - ok
10:03:55.0387 0x0448  [ 75325BC6BE15471331FFCEEC14E1DA03, 68A9DC2C4518DBAD54E60B7C89F713DD9FD287D42CFC75700D44A5B8CA4AED0F ] aswNetSec       C:\Windows\system32\drivers\aswNetSec.sys
10:03:55.0418 0x0448  aswNetSec - ok
10:03:55.0465 0x0448  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
10:03:55.0496 0x0448  aswRdr - ok
10:03:55.0527 0x0448  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
10:03:55.0543 0x0448  aswRvrt - ok
10:03:55.0621 0x0448  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
10:03:55.0745 0x0448  aswSnx - ok
10:03:55.0823 0x0448  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
10:03:55.0886 0x0448  aswSP - ok
10:03:55.0933 0x0448  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
10:03:55.0948 0x0448  aswStm - ok
10:03:55.0979 0x0448  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
10:03:56.0026 0x0448  aswVmm - ok
10:03:56.0042 0x0448  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:03:56.0104 0x0448  AsyncMac - ok
10:03:56.0182 0x0448  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:03:56.0198 0x0448  atapi - ok
10:03:56.0401 0x0448  [ D4D947E7636A8F43972253C5670C91BC, 9DA7FF53D25C213F04CE07DAC2A00D260C034B24BBE838D1DA77D6F657190E52 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
10:03:56.0635 0x0448  athr - ok
10:03:56.0900 0x0448  [ D1D06810BF7E21F5763EB06CB7E7262B, 77DEEA2C76D1C3E65E3D4F1FB2C671195019E9B78336EA4E040565DB88228611 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:03:57.0181 0x0448  atikmdag - ok
10:03:57.0321 0x0448  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:03:57.0415 0x0448  AudioEndpointBuilder - ok
10:03:57.0446 0x0448  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:03:57.0477 0x0448  AudioSrv - ok
10:03:57.0633 0x0448  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:03:57.0649 0x0448  avast! Antivirus - ok
10:03:57.0711 0x0448  [ CAA9BB913356E9FD56761C9352B7054B, E810C6EE0673BEBCF9C74223D120589E8441CB1B74D25A7E10554B6EA96D6909 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
10:03:57.0727 0x0448  avast! Firewall - ok
10:03:57.0820 0x0448  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:03:57.0851 0x0448  AxInstSV - ok
10:03:57.0914 0x0448  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:03:57.0976 0x0448  b06bdrv - ok
10:03:58.0023 0x0448  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:03:58.0070 0x0448  b57nd60a - ok
10:03:58.0132 0x0448  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
10:03:58.0319 0x0448  BCM43XX - ok
10:03:58.0351 0x0448  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:03:58.0382 0x0448  BDESVC - ok
10:03:58.0413 0x0448  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:03:58.0491 0x0448  Beep - ok
10:03:58.0585 0x0448  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:03:58.0663 0x0448  BFE - ok
10:03:58.0772 0x0448  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:03:59.0006 0x0448  BITS - ok
10:03:59.0053 0x0448  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:03:59.0084 0x0448  blbdrive - ok
10:03:59.0224 0x0448  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:03:59.0240 0x0448  Bonjour Service - ok
10:03:59.0333 0x0448  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:03:59.0380 0x0448  bowser - ok
10:03:59.0489 0x0448  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:03:59.0521 0x0448  BrFiltLo - ok
10:03:59.0536 0x0448  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:03:59.0583 0x0448  BrFiltUp - ok
10:03:59.0661 0x0448  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:03:59.0708 0x0448  Browser - ok
10:03:59.0739 0x0448  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:03:59.0879 0x0448  Brserid - ok
10:03:59.0911 0x0448  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:03:59.0942 0x0448  BrSerWdm - ok
10:03:59.0973 0x0448  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:04:00.0020 0x0448  BrUsbMdm - ok
10:04:00.0035 0x0448  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:04:00.0067 0x0448  BrUsbSer - ok
10:04:00.0191 0x0448  [ AD03E900B06A20E5EB89D44422575C23, D71357BA58E619F7C4A4B8300EC25F2C4003F605090EEB3BBE5E8441D19B85CC ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
10:04:00.0223 0x0448  BstHdAndroidSvc - ok
10:04:00.0285 0x0448  [ A2036F14108892A696FD5757CB1BD5CA, F2DF0DAF30756D8BEBC75976AE49A5B1EA6D441197E4538B07F3697D2767B366 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
10:04:00.0316 0x0448  BstHdDrv - ok
10:04:00.0379 0x0448  [ 0196BB164649911260339C6C27AC1511, 4B4E322BAA1F876C843D388FE27BA7126A7F21A78FBF8131F826173780002DC2 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
10:04:00.0410 0x0448  BstHdLogRotatorSvc - ok
10:04:00.0425 0x0448  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:04:00.0472 0x0448  BTHMODEM - ok
10:04:00.0503 0x0448  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:04:00.0550 0x0448  bthserv - ok
10:04:00.0581 0x0448  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:04:00.0644 0x0448  cdfs - ok
10:04:00.0706 0x0448  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:04:00.0784 0x0448  cdrom - ok
10:04:00.0847 0x0448  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:04:00.0909 0x0448  CertPropSvc - ok
10:04:00.0925 0x0448  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:04:00.0956 0x0448  circlass - ok
10:04:01.0049 0x0448  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
10:04:01.0081 0x0448  CLFS - ok
10:04:01.0174 0x0448  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:04:01.0190 0x0448  clr_optimization_v2.0.50727_32 - ok
10:04:01.0252 0x0448  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:04:01.0268 0x0448  clr_optimization_v2.0.50727_64 - ok
10:04:01.0424 0x0448  [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:04:01.0455 0x0448  clr_optimization_v4.0.30319_32 - ok
10:04:01.0471 0x0448  [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:04:01.0502 0x0448  clr_optimization_v4.0.30319_64 - ok
10:04:01.0517 0x0448  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:04:01.0564 0x0448  CmBatt - ok
10:04:01.0580 0x0448  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:04:01.0595 0x0448  cmdide - ok
10:04:01.0673 0x0448  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
10:04:01.0720 0x0448  CNG - ok
10:04:01.0751 0x0448  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:04:01.0783 0x0448  Compbatt - ok
10:04:01.0845 0x0448  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:04:01.0876 0x0448  CompositeBus - ok
10:04:01.0892 0x0448  COMSysApp - ok
10:04:01.0923 0x0448  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:04:01.0939 0x0448  crcdisk - ok
10:04:02.0017 0x0448  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:04:02.0048 0x0448  CryptSvc - ok
10:04:02.0126 0x0448  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:04:02.0204 0x0448  DcomLaunch - ok
10:04:02.0235 0x0448  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:04:02.0282 0x0448  defragsvc - ok
10:04:02.0360 0x0448  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:04:02.0391 0x0448  DfsC - ok
10:04:02.0469 0x0448  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:04:02.0500 0x0448  dg_ssudbus - ok
10:04:02.0609 0x0448  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:04:02.0656 0x0448  Dhcp - ok
10:04:02.0812 0x0448  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
10:04:02.0953 0x0448  DiagTrack - ok
10:04:02.0984 0x0448  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:04:03.0046 0x0448  discache - ok
10:04:03.0077 0x0448  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:04:03.0109 0x0448  Disk - ok
10:04:03.0202 0x0448  [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr         C:\Windows\syswow64\Drivers\DKbFltr.sys
10:04:03.0218 0x0448  DKbFltr - ok
10:04:03.0296 0x0448  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:04:03.0327 0x0448  Dnscache - ok
10:04:03.0389 0x0448  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:04:03.0452 0x0448  dot3svc - ok
10:04:03.0514 0x0448  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:04:03.0561 0x0448  DPS - ok
10:04:03.0639 0x0448  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:04:03.0670 0x0448  drmkaud - ok
10:04:03.0733 0x0448  [ 8407DDFAB85AE664E507C30314090385, 05F052C64D192CF69A462A5EC16DDA0D43CA5D0245900C9FCB9201685A2E7748 ] DrvAgent64      C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
10:04:03.0748 0x0448  DrvAgent64 - ok
10:04:03.0826 0x0448  [ FB9BEF3401EE5ECC2603311B9C64F44A, 33F8B6C9593677A360F580554D4F95B9F580C4E28F8187FBB27D96AFBFA8C7C1 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:04:03.0857 0x0448  dtsoftbus01 - ok
10:04:03.0951 0x0448  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:04:04.0060 0x0448  DXGKrnl - ok
10:04:04.0107 0x0448  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:04:04.0154 0x0448  EapHost - ok
10:04:04.0294 0x0448  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:04:04.0466 0x0448  ebdrv - ok
10:04:04.0544 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
10:04:04.0575 0x0448  EFS - ok
10:04:04.0715 0x0448  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:04:04.0809 0x0448  ehRecvr - ok
10:04:04.0840 0x0448  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:04:04.0887 0x0448  ehSched - ok
10:04:04.0965 0x0448  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
10:04:04.0981 0x0448  ElbyCDIO - ok
10:04:05.0152 0x0448  [ AE56C5BF46428D0E1A0E187395F29754, D636874744A34A0599450490410334B1FA7EE081BB64486CBDE1E800F727DF3A ] ElfoService     C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe
10:04:05.0261 0x0448  ElfoService - ok
10:04:05.0371 0x0448  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:04:05.0433 0x0448  elxstor - ok
10:04:05.0558 0x0448  [ FB67AA8AC61B9365ADD546139A21BED6, DDE2053071ED1F7E634FF1A74DB0ACC7D0D19B0AD0CF37DE989FA91B93C76452 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
10:04:05.0589 0x0448  ePowerSvc - ok
10:04:05.0636 0x0448  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:04:05.0667 0x0448  ErrDev - ok
10:04:05.0745 0x0448  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:04:05.0807 0x0448  EventSystem - ok
10:04:05.0839 0x0448  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:04:05.0917 0x0448  exfat - ok
10:04:05.0948 0x0448  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:04:06.0010 0x0448  fastfat - ok
10:04:06.0104 0x0448  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:04:06.0182 0x0448  Fax - ok
10:04:06.0213 0x0448  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:04:06.0229 0x0448  fdc - ok
10:04:06.0275 0x0448  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:04:06.0322 0x0448  fdPHost - ok
10:04:06.0322 0x0448  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:04:06.0385 0x0448  FDResPub - ok
10:04:06.0400 0x0448  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:04:06.0431 0x0448  FileInfo - ok
10:04:06.0463 0x0448  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:04:06.0525 0x0448  Filetrace - ok
10:04:06.0541 0x0448  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:04:06.0572 0x0448  flpydisk - ok
10:04:06.0650 0x0448  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:04:06.0681 0x0448  FltMgr - ok
10:04:06.0775 0x0448  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
10:04:06.0853 0x0448  FontCache - ok
10:04:06.0946 0x0448  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:04:06.0962 0x0448  FontCache3.0.0.0 - ok
10:04:06.0993 0x0448  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:04:07.0009 0x0448  FsDepends - ok
10:04:07.0071 0x0448  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:04:07.0102 0x0448  Fs_Rec - ok
10:04:07.0165 0x0448  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:04:07.0196 0x0448  fvevol - ok
10:04:07.0243 0x0448  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:04:07.0274 0x0448  gagp30kx - ok
10:04:07.0352 0x0448  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:04:07.0367 0x0448  GEARAspiWDM - ok
10:04:07.0461 0x0448  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
10:04:07.0508 0x0448  gpsvc - ok
10:04:07.0617 0x0448  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
10:04:07.0648 0x0448  Greg_Service - ok
10:04:07.0773 0x0448  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:04:07.0789 0x0448  gupdate - ok
10:04:07.0835 0x0448  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:04:07.0851 0x0448  gupdatem - ok
10:04:07.0913 0x0448  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:04:07.0929 0x0448  gusvc - ok
10:04:07.0960 0x0448  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:04:08.0007 0x0448  hcw85cir - ok
10:04:08.0085 0x0448  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:04:08.0132 0x0448  HdAudAddService - ok
10:04:08.0147 0x0448  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:04:08.0194 0x0448  HDAudBus - ok
10:04:08.0225 0x0448  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
10:04:08.0257 0x0448  HECIx64 - ok
10:04:08.0288 0x0448  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:04:08.0303 0x0448  HidBatt - ok
10:04:08.0335 0x0448  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:04:08.0366 0x0448  HidBth - ok
10:04:08.0381 0x0448  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:04:08.0428 0x0448  HidIr - ok
10:04:08.0444 0x0448  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:04:08.0506 0x0448  hidserv - ok
10:04:08.0553 0x0448  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:04:08.0600 0x0448  HidUsb - ok
10:04:08.0662 0x0448  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:04:08.0803 0x0448  hkmsvc - ok
10:04:08.0896 0x0448  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:04:08.0927 0x0448  HomeGroupListener - ok
10:04:08.0990 0x0448  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:04:09.0021 0x0448  HomeGroupProvider - ok
10:04:09.0099 0x0448  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:04:09.0115 0x0448  HpSAMD - ok
10:04:09.0239 0x0448  [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
10:04:09.0255 0x0448  HPSupportSolutionsFrameworkService - ok
10:04:09.0380 0x0448  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:04:09.0567 0x0448  HTTP - ok
10:04:09.0629 0x0448  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:04:09.0645 0x0448  hwpolicy - ok
10:04:09.0754 0x0448  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:04:09.0785 0x0448  i8042prt - ok
10:04:09.0848 0x0448  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:04:09.0879 0x0448  IAANTMON - ok
10:04:09.0926 0x0448  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:04:09.0957 0x0448  iaStor - ok
10:04:10.0035 0x0448  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:04:10.0066 0x0448  iaStorV - ok
10:04:10.0160 0x0448  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:04:10.0238 0x0448  idsvc - ok
10:04:10.0269 0x0448  IEEtwCollectorService - ok
10:04:10.0503 0x0448  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:04:10.0831 0x0448  igfx - ok
10:04:10.0862 0x0448  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:04:10.0893 0x0448  iirsp - ok
10:04:10.0987 0x0448  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:04:11.0033 0x0448  IKEEXT - ok
10:04:11.0080 0x0448  [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
10:04:11.0127 0x0448  Impcd - ok
10:04:11.0236 0x0448  [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:04:11.0361 0x0448  IntcAzAudAddService - ok
10:04:11.0408 0x0448  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:04:11.0423 0x0448  intelide - ok
10:04:11.0455 0x0448  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:04:11.0501 0x0448  intelppm - ok
10:04:11.0533 0x0448  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:04:11.0595 0x0448  IPBusEnum - ok
10:04:11.0657 0x0448  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:04:11.0735 0x0448  IpFilterDriver - ok
10:04:11.0798 0x0448  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:04:11.0860 0x0448  iphlpsvc - ok
10:04:11.0923 0x0448  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:04:11.0969 0x0448  IPMIDRV - ok
10:04:11.0985 0x0448  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:04:12.0047 0x0448  IPNAT - ok
10:04:12.0172 0x0448  [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:04:12.0188 0x0448  iPod Service - ok
10:04:12.0219 0x0448  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:04:12.0266 0x0448  IRENUM - ok
10:04:12.0328 0x0448  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:04:12.0359 0x0448  isapnp - ok
10:04:12.0406 0x0448  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:04:12.0453 0x0448  iScsiPrt - ok
10:04:12.0500 0x0448  [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
10:04:12.0531 0x0448  k57nd60a - ok
10:04:12.0547 0x0448  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:04:12.0562 0x0448  kbdclass - ok
10:04:12.0640 0x0448  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:04:12.0671 0x0448  kbdhid - ok
10:04:12.0687 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
10:04:12.0703 0x0448  KeyIso - ok
10:04:12.0796 0x0448  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:04:12.0812 0x0448  KSecDD - ok
10:04:12.0859 0x0448  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:04:12.0890 0x0448  KSecPkg - ok
10:04:12.0905 0x0448  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:04:12.0952 0x0448  ksthunk - ok
10:04:12.0999 0x0448  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:04:13.0061 0x0448  KtmRm - ok
10:04:13.0093 0x0448  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
10:04:13.0124 0x0448  L1E - ok
10:04:13.0171 0x0448  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:04:13.0233 0x0448  LanmanServer - ok
10:04:13.0295 0x0448  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:04:13.0342 0x0448  LanmanWorkstation - ok
10:04:13.0373 0x0448  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:04:13.0436 0x0448  lltdio - ok
10:04:13.0467 0x0448  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:04:13.0529 0x0448  lltdsvc - ok
10:04:13.0545 0x0448  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:04:13.0607 0x0448  lmhosts - ok
10:04:13.0670 0x0448  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:04:13.0685 0x0448  LMS - ok
10:04:13.0779 0x0448  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:04:13.0810 0x0448  LSI_FC - ok
10:04:13.0841 0x0448  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:04:13.0857 0x0448  LSI_SAS - ok
10:04:13.0888 0x0448  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:04:13.0904 0x0448  LSI_SAS2 - ok
10:04:13.0935 0x0448  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:04:13.0966 0x0448  LSI_SCSI - ok
10:04:14.0013 0x0448  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:04:14.0075 0x0448  luafv - ok
10:04:14.0107 0x0448  lxcc_device - ok
10:04:14.0169 0x0448  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:04:14.0185 0x0448  Mcx2Svc - ok
10:04:14.0200 0x0448  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:04:14.0216 0x0448  megasas - ok
10:04:14.0231 0x0448  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:04:14.0263 0x0448  MegaSR - ok
10:04:14.0294 0x0448  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:04:14.0341 0x0448  MMCSS - ok
10:04:14.0356 0x0448  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:04:14.0419 0x0448  Modem - ok
10:04:14.0434 0x0448  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:04:14.0465 0x0448  monitor - ok
10:04:14.0528 0x0448  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:04:14.0543 0x0448  mouclass - ok
10:04:14.0575 0x0448  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:04:14.0621 0x0448  mouhid - ok
10:04:14.0699 0x0448  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:04:14.0715 0x0448  mountmgr - ok
10:04:14.0840 0x0448  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:04:14.0855 0x0448  MozillaMaintenance - ok
10:04:14.0918 0x0448  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:04:14.0949 0x0448  mpio - ok
10:04:14.0980 0x0448  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:04:15.0027 0x0448  mpsdrv - ok
10:04:15.0105 0x0448  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:04:15.0183 0x0448  MpsSvc - ok
10:04:15.0245 0x0448  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:04:15.0308 0x0448  MRxDAV - ok
10:04:15.0370 0x0448  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:04:15.0401 0x0448  mrxsmb - ok
10:04:15.0464 0x0448  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:04:15.0511 0x0448  mrxsmb10 - ok
10:04:15.0573 0x0448  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:04:15.0620 0x0448  mrxsmb20 - ok
10:04:15.0682 0x0448  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:04:15.0698 0x0448  msahci - ok
10:04:15.0760 0x0448  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:04:15.0791 0x0448  msdsm - ok
10:04:15.0807 0x0448  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:04:15.0838 0x0448  MSDTC - ok
10:04:15.0869 0x0448  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:04:15.0916 0x0448  Msfs - ok
10:04:15.0932 0x0448  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:04:15.0994 0x0448  mshidkmdf - ok
10:04:16.0057 0x0448  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:04:16.0072 0x0448  msisadrv - ok
10:04:16.0103 0x0448  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:04:16.0166 0x0448  MSiSCSI - ok
10:04:16.0166 0x0448  msiserver - ok
10:04:16.0197 0x0448  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:04:16.0259 0x0448  MSKSSRV - ok
10:04:16.0275 0x0448  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:04:16.0353 0x0448  MSPCLOCK - ok
10:04:16.0369 0x0448  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:04:16.0431 0x0448  MSPQM - ok
10:04:16.0509 0x0448  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:04:16.0540 0x0448  MsRPC - ok
10:04:16.0603 0x0448  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:04:16.0618 0x0448  mssmbios - ok
10:04:16.0649 0x0448  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:04:16.0712 0x0448  MSTEE - ok
10:04:16.0759 0x0448  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:04:16.0790 0x0448  MTConfig - ok
10:04:16.0852 0x0448  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:04:16.0868 0x0448  Mup - ok
10:04:16.0915 0x0448  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:04:16.0930 0x0448  mwlPSDFilter - ok
10:04:16.0961 0x0448  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:04:16.0977 0x0448  mwlPSDNServ - ok
10:04:17.0008 0x0448  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:04:17.0024 0x0448  mwlPSDVDisk - ok
10:04:17.0117 0x0448  [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
10:04:17.0133 0x0448  MWLService - ok
10:04:17.0211 0x0448  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:04:17.0320 0x0448  napagent - ok
10:04:17.0351 0x0448  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:04:17.0414 0x0448  NativeWifiP - ok
10:04:17.0507 0x0448  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:04:17.0585 0x0448  NDIS - ok
10:04:17.0601 0x0448  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:04:17.0679 0x0448  NdisCap - ok
10:04:17.0741 0x0448  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:04:17.0804 0x0448  NdisTapi - ok
10:04:17.0866 0x0448  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:04:17.0929 0x0448  Ndisuio - ok
10:04:17.0991 0x0448  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:04:18.0053 0x0448  NdisWan - ok
10:04:18.0131 0x0448  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:04:18.0178 0x0448  NDProxy - ok
10:04:18.0209 0x0448  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:04:18.0256 0x0448  NetBIOS - ok
10:04:18.0319 0x0448  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:04:18.0381 0x0448  NetBT - ok
10:04:18.0412 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
10:04:18.0428 0x0448  Netlogon - ok
10:04:18.0443 0x0448  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:04:18.0506 0x0448  Netman - ok
10:04:18.0631 0x0448  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:04:18.0662 0x0448  NetMsmqActivator - ok
10:04:18.0677 0x0448  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:04:18.0693 0x0448  NetPipeActivator - ok
10:04:18.0709 0x0448  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:04:18.0787 0x0448  netprofm - ok
10:04:18.0802 0x0448  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:04:18.0818 0x0448  NetTcpActivator - ok
10:04:18.0818 0x0448  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:04:18.0833 0x0448  NetTcpPortSharing - ok
10:04:18.0880 0x0448  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:04:18.0911 0x0448  nfrd960 - ok
10:04:18.0989 0x0448  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:04:19.0052 0x0448  NlaSvc - ok
10:04:19.0161 0x0448  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
10:04:19.0177 0x0448  NMSAccess - ok
10:04:19.0208 0x0448  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:04:19.0255 0x0448  Npfs - ok
10:04:19.0301 0x0448  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:04:19.0426 0x0448  nsi - ok
10:04:19.0442 0x0448  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:04:19.0489 0x0448  nsiproxy - ok
10:04:19.0582 0x0448  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:04:19.0723 0x0448  Ntfs - ok
10:04:19.0801 0x0448  [ 14E66F603FB187713AEB02AD3B0390CF, E4025ECBEC50B85E3A860763053243C47E3FCE76F2348429C03827240A8DF3B6 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
10:04:19.0816 0x0448  NTI IScheduleSvc - ok
10:04:19.0863 0x0448  [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
10:04:19.0879 0x0448  NTIBackupSvc - ok
10:04:19.0910 0x0448  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
10:04:19.0925 0x0448  NTIDrvr - ok
10:04:19.0957 0x0448  [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
10:04:19.0988 0x0448  NTISchedulerSvc - ok
10:04:20.0003 0x0448  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:04:20.0066 0x0448  Null - ok
10:04:20.0128 0x0448  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:04:20.0159 0x0448  nvraid - ok
10:04:20.0222 0x0448  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:04:20.0237 0x0448  nvstor - ok
10:04:20.0300 0x0448  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:04:20.0315 0x0448  nv_agp - ok
10:04:20.0441 0x0448  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:04:20.0457 0x0448  odserv - ok
10:04:20.0519 0x0448  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:04:20.0535 0x0448  ohci1394 - ok
10:04:20.0613 0x0448  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:04:20.0628 0x0448  ose - ok
10:04:20.0660 0x0448  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:04:20.0722 0x0448  p2pimsvc - ok
10:04:20.0753 0x0448  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:04:20.0784 0x0448  p2psvc - ok
10:04:20.0816 0x0448  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:04:20.0847 0x0448  Parport - ok
10:04:20.0909 0x0448  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:04:20.0940 0x0448  partmgr - ok
10:04:21.0003 0x0448  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:04:21.0034 0x0448  PcaSvc - ok
10:04:21.0128 0x0448  [ 81B5E63131090879AD6EF9F32109B88D, 581680BFE9B2BACBD5E55D807EFB17C69488AE3F5C61358B0955E1494FD3514E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
10:04:21.0174 0x0448  pccsmcfd - ok
10:04:21.0221 0x0448  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:04:21.0252 0x0448  pci - ok
10:04:21.0315 0x0448  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:04:21.0330 0x0448  pciide - ok
10:04:21.0362 0x0448  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:04:21.0393 0x0448  pcmcia - ok
10:04:21.0408 0x0448  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:04:21.0424 0x0448  pcw - ok
10:04:21.0518 0x0448  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:04:21.0580 0x0448  PEAUTH - ok
10:04:21.0674 0x0448  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:04:21.0705 0x0448  PerfHost - ok
10:04:21.0814 0x0448  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:04:21.0954 0x0448  pla - ok
10:04:22.0017 0x0448  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:04:22.0079 0x0448  PlugPlay - ok
10:04:22.0095 0x0448  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:04:22.0126 0x0448  PNRPAutoReg - ok
10:04:22.0157 0x0448  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:04:22.0173 0x0448  PNRPsvc - ok
10:04:22.0251 0x0448  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:04:22.0313 0x0448  PolicyAgent - ok
10:04:22.0344 0x0448  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:04:22.0407 0x0448  Power - ok
10:04:22.0469 0x0448  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:04:22.0532 0x0448  PptpMiniport - ok
10:04:22.0547 0x0448  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:04:22.0578 0x0448  Processor - ok
10:04:22.0641 0x0448  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:04:22.0703 0x0448  ProfSvc - ok
10:04:22.0719 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
10:04:22.0734 0x0448  ProtectedStorage - ok
10:04:22.0812 0x0448  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:04:22.0875 0x0448  Psched - ok
10:04:22.0984 0x0448  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:04:23.0140 0x0448  ql2300 - ok
10:04:23.0187 0x0448  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:04:23.0202 0x0448  ql40xx - ok
10:04:23.0249 0x0448  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:04:23.0280 0x0448  QWAVE - ok
10:04:23.0296 0x0448  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:04:23.0327 0x0448  QWAVEdrv - ok
10:04:23.0343 0x0448  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:04:23.0405 0x0448  RasAcd - ok
10:04:23.0436 0x0448  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:04:23.0514 0x0448  RasAgileVpn - ok
10:04:23.0546 0x0448  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:04:23.0592 0x0448  RasAuto - ok
10:04:23.0639 0x0448  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:04:23.0733 0x0448  Rasl2tp - ok
10:04:23.0795 0x0448  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:04:23.0858 0x0448  RasMan - ok
10:04:23.0889 0x0448  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:04:23.0936 0x0448  RasPppoe - ok
10:04:23.0951 0x0448  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:04:23.0998 0x0448  RasSstp - ok
10:04:24.0076 0x0448  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:04:24.0154 0x0448  rdbss - ok
10:04:24.0185 0x0448  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:04:24.0216 0x0448  rdpbus - ok
10:04:24.0232 0x0448  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:04:24.0294 0x0448  RDPCDD - ok
10:04:24.0326 0x0448  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:04:24.0372 0x0448  RDPENCDD - ok
10:04:24.0404 0x0448  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:04:24.0466 0x0448  RDPREFMP - ok
10:04:24.0591 0x0448  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:04:24.0762 0x0448  RDPWD - ok
10:04:24.0872 0x0448  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:04:24.0903 0x0448  rdyboost - ok
10:04:24.0934 0x0448  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:04:24.0981 0x0448  RemoteAccess - ok
10:04:25.0059 0x0448  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:04:25.0121 0x0448  RemoteRegistry - ok
10:04:25.0168 0x0448  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:04:25.0215 0x0448  RpcEptMapper - ok
10:04:25.0230 0x0448  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:04:25.0262 0x0448  RpcLocator - ok
10:04:25.0340 0x0448  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:04:25.0386 0x0448  RpcSs - ok
10:04:25.0418 0x0448  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:04:25.0480 0x0448  rspndr - ok
10:04:25.0527 0x0448  [ 7421A35C45484B95E83B5E9E107CEFC2, 128BB6A7552B9D57284056FB8946A6FE3C620F7B706F709F896828304A6FCD77 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:04:25.0542 0x0448  RTHDMIAzAudService - ok
10:04:25.0605 0x0448  [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus        C:\Windows\system32\DRIVERS\s0016bus.sys
10:04:25.0620 0x0448  s0016bus - ok
10:04:25.0652 0x0448  [ F5F9DEB89996D333EF976624D37E24E3, 88DE296EFA6CA2F32318F1807D633C8949D237FB33BA320551B71089CF5EB73B ] s0016mdfl       C:\Windows\system32\DRIVERS\s0016mdfl.sys
10:04:25.0667 0x0448  s0016mdfl - ok
10:04:25.0698 0x0448  [ C17CE2AEE67480FEBCC36ECCB54C0BE8, E13F83608B29988CCDB5A462AA3E56D26222427066651EEDF48223664D3FAFEA ] s0016mdm        C:\Windows\system32\DRIVERS\s0016mdm.sys
10:04:25.0714 0x0448  s0016mdm - ok
10:04:25.0745 0x0448  [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt       C:\Windows\system32\DRIVERS\s0016mgmt.sys
10:04:25.0776 0x0448  s0016mgmt - ok
10:04:25.0792 0x0448  [ 30A35BBCE09D9FE67482FD62C61911FC, 8E8B0910F2A4C7DCFF0F8A83AAA8F9B38D53CEB7B7E7DC5B64350A09CBE6F557 ] s0016nd5        C:\Windows\system32\DRIVERS\s0016nd5.sys
10:04:25.0823 0x0448  s0016nd5 - ok
10:04:25.0839 0x0448  [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex       C:\Windows\system32\DRIVERS\s0016obex.sys
10:04:25.0870 0x0448  s0016obex - ok
10:04:25.0886 0x0448  [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic       C:\Windows\system32\DRIVERS\s0016unic.sys
10:04:25.0917 0x0448  s0016unic - ok
10:04:25.0979 0x0448  [ 032F537623A7B2FB81AAA184C30B70C3, C9E0569322A173D62D357CEA7BFECB0CF9D5817E3AE4B46955760BF98F5D16B3 ] s0017bus        C:\Windows\system32\DRIVERS\s0017bus.sys
10:04:26.0010 0x0448  s0017bus - ok
10:04:26.0073 0x0448  [ 9964A28E569B4FF105B446EF8978FD5C, 7872699B528C31E8B8699B6F8D2127440CD67A3BEAD0E5941BD58FDCD73DBE2C ] s0017mdfl       C:\Windows\system32\DRIVERS\s0017mdfl.sys
10:04:26.0088 0x0448  s0017mdfl - ok
10:04:26.0120 0x0448  [ 06347087D274C23DCFA8C4AB5C4314DB, 757DDAC72524EB59854A05E46A16CE2B0AF0CE1FC411110712576327D3984E91 ] s0017mdm        C:\Windows\system32\DRIVERS\s0017mdm.sys
10:04:26.0135 0x0448  s0017mdm - ok
10:04:26.0198 0x0448  [ F0F0747B3FA50272DE6B1BF575FA4700, FCB9007C630A0FD23CA0A8286BA9E498F6B36F1090F717B4A713286EEC4346C0 ] s0017mgmt       C:\Windows\system32\DRIVERS\s0017mgmt.sys
10:04:26.0229 0x0448  s0017mgmt - ok
10:04:26.0291 0x0448  [ 7224412CEA2FF2DF7D4842C1B0E71045, A2773319909B66F4DEA2E6134BB2723383866A63C482A26E2ADB65F29A405281 ] s0017nd5        C:\Windows\system32\DRIVERS\s0017nd5.sys
10:04:26.0307 0x0448  s0017nd5 - ok
10:04:26.0354 0x0448  [ 3FEADBC7F09B8B596CBFB82F12ABA87F, FBA6209893FF7C07823AB6F89FF7E36CF116C9FE202868DB4289233AF85E659A ] s0017obex       C:\Windows\system32\DRIVERS\s0017obex.sys
10:04:26.0385 0x0448  s0017obex - ok
10:04:26.0447 0x0448  [ 2B63BEA31D939888B2A8F3F14D89B5C1, 0C1333885DB315A63C1FAA53ED2160695F97C1B336B8DA986A48B97F39A46954 ] s0017unic       C:\Windows\system32\DRIVERS\s0017unic.sys
10:04:26.0463 0x0448  s0017unic - ok
10:04:26.0478 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
10:04:26.0494 0x0448  SamSs - ok
10:04:26.0556 0x0448  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:04:26.0572 0x0448  sbp2port - ok
10:04:26.0603 0x0448  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:04:26.0650 0x0448  SCardSvr - ok
10:04:26.0728 0x0448  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:04:26.0775 0x0448  scfilter - ok
10:04:26.0868 0x0448  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
10:04:26.0993 0x0448  Schedule - ok
10:04:27.0040 0x0448  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:04:27.0071 0x0448  SCPolicySvc - ok
10:04:27.0134 0x0448  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:04:27.0180 0x0448  SDRSVC - ok
10:04:27.0227 0x0448  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:04:27.0274 0x0448  secdrv - ok
10:04:27.0321 0x0448  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
10:04:27.0368 0x0448  seclogon - ok
10:04:27.0383 0x0448  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:04:27.0430 0x0448  SENS - ok
10:04:27.0446 0x0448  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:04:27.0461 0x0448  SensrSvc - ok
10:04:27.0508 0x0448  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:04:27.0539 0x0448  Serenum - ok
10:04:27.0555 0x0448  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:04:27.0586 0x0448  Serial - ok
10:04:27.0664 0x0448  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:04:27.0695 0x0448  sermouse - ok
10:04:27.0851 0x0448  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
10:04:27.0898 0x0448  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
10:04:29.0630 0x0448  Detect skipped due to KSN trusted
10:04:29.0630 0x0448  ServiceLayer - ok
10:04:29.0708 0x0448  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:04:29.0754 0x0448  SessionEnv - ok
10:04:29.0801 0x0448  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:04:29.0864 0x0448  sffdisk - ok
10:04:29.0879 0x0448  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:04:29.0926 0x0448  sffp_mmc - ok
10:04:29.0942 0x0448  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:04:29.0973 0x0448  sffp_sd - ok
10:04:29.0988 0x0448  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:04:30.0035 0x0448  sfloppy - ok
10:04:30.0066 0x0448  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:04:30.0144 0x0448  SharedAccess - ok
10:04:30.0207 0x0448  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:04:30.0269 0x0448  ShellHWDetection - ok
10:04:30.0285 0x0448  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:04:30.0300 0x0448  SiSRaid2 - ok
10:04:30.0347 0x0448  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:04:30.0363 0x0448  SiSRaid4 - ok
10:04:30.0456 0x0448  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:04:30.0488 0x0448  SkypeUpdate - ok
10:04:30.0503 0x0448  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:04:30.0581 0x0448  Smb - ok
10:04:30.0612 0x0448  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:04:30.0644 0x0448  SNMPTRAP - ok
10:04:30.0675 0x0448  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:04:30.0706 0x0448  spldr - ok
10:04:30.0815 0x0448  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
10:04:30.0862 0x0448  Spooler - ok
10:04:31.0065 0x0448  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:04:31.0190 0x0448  sppsvc - ok
10:04:31.0236 0x0448  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:04:31.0283 0x0448  sppuinotify - ok
10:04:31.0361 0x0448  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:04:31.0424 0x0448  srv - ok
10:04:31.0486 0x0448  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:04:31.0533 0x0448  srv2 - ok
10:04:31.0580 0x0448  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:04:31.0626 0x0448  srvnet - ok
10:04:31.0658 0x0448  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:04:31.0704 0x0448  SSDPSRV - ok
10:04:31.0736 0x0448  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:04:31.0767 0x0448  SstpSvc - ok
10:04:31.0829 0x0448  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
10:04:31.0860 0x0448  ssudmdm - ok
10:04:31.0907 0x0448  [ EF806D212D34B0E173BAEB3564D53E37, 6EF229A7B7AFF0268CDF47B77F961BD44335C3B35499BB00CBA494A22B2BA39E ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
10:04:31.0923 0x0448  ss_bbus - ok
10:04:31.0938 0x0448  [ 08B1B34ABEBEB6AC2DEA06900C56411E, 928EF9B9F194DB07049BA2D7127756B021C2729F562E54F7FECD0F2B2FF5A209 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
10:04:31.0970 0x0448  ss_bmdfl - ok
10:04:31.0985 0x0448  [ 71A9DA6BEAA4CB54DFB827FB78600A5D, 6393CA17CF6A6F30447FF599B2D27CAB44BA1A709D986AC5E14463303094BE5F ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
10:04:32.0001 0x0448  ss_bmdm - ok
10:04:32.0204 0x0448  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
10:04:32.0235 0x0448  ss_conn_service - ok
10:04:32.0282 0x0448  [ E57B778208C783D8DEBAB320C16A1B82, D9B0ACAF219D377E91737337466137F1AC78731659C1F0531BA3D9191DADC483 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
10:04:32.0297 0x0448  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
10:04:32.0656 0x0448  Detect skipped due to KSN trusted
10:04:32.0656 0x0448  StarOpen - ok
10:04:32.0703 0x0448  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:04:32.0734 0x0448  stexstor - ok
10:04:32.0781 0x0448  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
10:04:32.0828 0x0448  StillCam - ok
10:04:32.0906 0x0448  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:04:32.0999 0x0448  stisvc - ok
10:04:33.0062 0x0448  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:04:33.0077 0x0448  swenum - ok
10:04:33.0124 0x0448  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:04:33.0202 0x0448  swprv - ok
10:04:33.0264 0x0448  [ ED6D1424E5B0C21A57B28DD8508D6843, EF3BBBBD376F22520060BC6D637CDF79E2D8B43A95E746FC1463E7CDC407C2D9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:04:33.0280 0x0448  SynTP - ok
10:04:33.0405 0x0448  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
10:04:33.0514 0x0448  SysMain - ok
10:04:33.0561 0x0448  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:04:33.0592 0x0448  TabletInputService - ok
10:04:33.0670 0x0448  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:04:33.0732 0x0448  TapiSrv - ok
10:04:33.0748 0x0448  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:04:33.0795 0x0448  TBS - ok
10:04:33.0920 0x0448  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:04:34.0060 0x0448  Tcpip - ok
10:04:34.0138 0x0448  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:04:34.0232 0x0448  TCPIP6 - ok
10:04:34.0294 0x0448  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:04:34.0356 0x0448  tcpipreg - ok
10:04:34.0388 0x0448  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:04:34.0434 0x0448  TDPIPE - ok
10:04:34.0481 0x0448  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:04:34.0512 0x0448  TDTCP - ok
10:04:34.0575 0x0448  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:04:34.0622 0x0448  tdx - ok
10:04:34.0840 0x0448  [ 7C8DD5576695B3362202EF09B20C425E, 694A89D6578652A5AFA6C0331A3D76D74C1151BA60FC5B783B2E090BA90FD0CD ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
10:04:34.0934 0x0448  TeamViewer8 - ok
10:04:34.0996 0x0448  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:04:35.0027 0x0448  TermDD - ok
10:04:35.0105 0x0448  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:04:35.0183 0x0448  TermService - ok
10:04:35.0261 0x0448  [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
10:04:35.0277 0x0448  TFsExDisk - ok
10:04:35.0292 0x0448  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:04:35.0324 0x0448  Themes - ok
10:04:35.0339 0x0448  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:04:35.0370 0x0448  THREADORDER - ok
10:04:35.0386 0x0448  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:04:35.0448 0x0448  TrkWks - ok
10:04:35.0526 0x0448  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:04:35.0589 0x0448  TrustedInstaller - ok
10:04:35.0651 0x0448  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:04:35.0682 0x0448  tssecsrv - ok
10:04:35.0745 0x0448  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:04:35.0792 0x0448  TsUsbFlt - ok
10:04:35.0870 0x0448  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:04:35.0932 0x0448  tunnel - ok
10:04:35.0963 0x0448  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
10:04:35.0979 0x0448  TurboB - ok
10:04:36.0057 0x0448  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:04:36.0072 0x0448  TurboBoost - ok
10:04:36.0104 0x0448  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:04:36.0119 0x0448  uagp35 - ok
10:04:36.0150 0x0448  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
10:04:36.0182 0x0448  UBHelper - ok
10:04:36.0244 0x0448  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:04:36.0322 0x0448  udfs - ok
10:04:36.0353 0x0448  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:04:36.0384 0x0448  UI0Detect - ok
10:04:36.0400 0x0448  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:04:36.0416 0x0448  uliagpkx - ok
10:04:36.0478 0x0448  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:04:36.0525 0x0448  umbus - ok
10:04:36.0556 0x0448  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:04:36.0572 0x0448  UmPass - ok
10:04:36.0712 0x0448  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:04:36.0774 0x0448  UNS - ok
10:04:36.0837 0x0448  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
10:04:36.0868 0x0448  Updater Service - ok
10:04:36.0899 0x0448  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:04:36.0962 0x0448  upnphost - ok
10:04:37.0024 0x0448  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:04:37.0071 0x0448  USBAAPL64 - ok
10:04:37.0102 0x0448  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:04:37.0149 0x0448  usbccgp - ok
10:04:37.0196 0x0448  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:04:37.0242 0x0448  usbcir - ok
10:04:37.0305 0x0448  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:04:37.0336 0x0448  usbehci - ok
10:04:37.0352 0x0448  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:04:37.0398 0x0448  usbhub - ok
10:04:37.0445 0x0448  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:04:37.0492 0x0448  usbohci - ok
10:04:37.0523 0x0448  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:04:37.0554 0x0448  usbprint - ok
10:04:37.0617 0x0448  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:04:37.0664 0x0448  usbscan - ok
10:04:37.0695 0x0448  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:04:37.0742 0x0448  USBSTOR - ok
10:04:37.0788 0x0448  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:04:37.0820 0x0448  usbuhci - ok
10:04:37.0898 0x0448  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:04:37.0960 0x0448  usbvideo - ok
10:04:37.0976 0x0448  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:04:38.0022 0x0448  UxSms - ok
10:04:38.0069 0x0448  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
10:04:38.0085 0x0448  VaultSvc - ok
10:04:38.0147 0x0448  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:04:38.0163 0x0448  vdrvroot - ok
10:04:38.0241 0x0448  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:04:38.0319 0x0448  vds - ok
10:04:38.0350 0x0448  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:04:38.0381 0x0448  vga - ok
10:04:38.0397 0x0448  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:04:38.0444 0x0448  VgaSave - ok
10:04:38.0490 0x0448  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:04:38.0522 0x0448  vhdmp - ok
10:04:38.0584 0x0448  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:04:38.0600 0x0448  viaide - ok
10:04:38.0631 0x0448  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:04:38.0646 0x0448  volmgr - ok
10:04:38.0724 0x0448  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:04:38.0756 0x0448  volmgrx - ok
10:04:38.0818 0x0448  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:04:38.0849 0x0448  volsnap - ok
10:04:38.0896 0x0448  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:04:38.0912 0x0448  vsmraid - ok
10:04:39.0036 0x0448  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:04:39.0224 0x0448  VSS - ok
10:04:39.0239 0x0448  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:04:39.0286 0x0448  vwifibus - ok
10:04:39.0302 0x0448  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:04:39.0348 0x0448  vwififlt - ok
10:04:39.0364 0x0448  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:04:39.0411 0x0448  vwifimp - ok
10:04:39.0458 0x0448  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:04:39.0520 0x0448  W32Time - ok
10:04:39.0551 0x0448  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:04:39.0598 0x0448  WacomPen - ok
10:04:39.0660 0x0448  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:04:39.0723 0x0448  WANARP - ok
10:04:39.0738 0x0448  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:04:39.0785 0x0448  Wanarpv6 - ok
10:04:39.0894 0x0448  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:04:40.0019 0x0448  wbengine - ok
10:04:40.0050 0x0448  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:04:40.0097 0x0448  WbioSrvc - ok
10:04:40.0144 0x0448  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:04:40.0206 0x0448  wcncsvc - ok
10:04:40.0222 0x0448  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:04:40.0253 0x0448  WcsPlugInService - ok
10:04:40.0284 0x0448  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:04:40.0300 0x0448  Wd - ok
10:04:40.0394 0x0448  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:04:40.0472 0x0448  Wdf01000 - ok
10:04:40.0534 0x0448  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:04:40.0581 0x0448  WdiServiceHost - ok
10:04:40.0596 0x0448  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:04:40.0612 0x0448  WdiSystemHost - ok
10:04:40.0659 0x0448  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
10:04:40.0690 0x0448  WebClient - ok
10:04:40.0721 0x0448  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:04:40.0784 0x0448  Wecsvc - ok
10:04:40.0799 0x0448  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:04:40.0846 0x0448  wercplsupport - ok
10:04:40.0908 0x0448  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:04:40.0955 0x0448  WerSvc - ok
10:04:41.0002 0x0448  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:04:41.0049 0x0448  WfpLwf - ok
10:04:41.0064 0x0448  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:04:41.0096 0x0448  WIMMount - ok
10:04:41.0111 0x0448  WinDefend - ok
10:04:41.0127 0x0448  WinHttpAutoProxySvc - ok
10:04:41.0189 0x0448  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:04:41.0252 0x0448  Winmgmt - ok
10:04:41.0376 0x0448  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:04:41.0517 0x0448  WinRM - ok
10:04:41.0626 0x0448  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:04:41.0657 0x0448  WinUsb - ok
10:04:41.0720 0x0448  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:04:41.0813 0x0448  Wlansvc - ok
10:04:41.0969 0x0448  [ E23A257A54FA12C2AEF8AD51E6556357, 003C6BD755AE143F13AA633F286A974AE9644631B070DB103B8574EEDE358B7E ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:04:42.0032 0x0448  wlidsvc - ok
10:04:42.0125 0x0448  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:04:42.0172 0x0448  WmiAcpi - ok
10:04:42.0203 0x0448  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:04:42.0234 0x0448  wmiApSrv - ok
10:04:42.0266 0x0448  WMPNetworkSvc - ok
10:04:42.0297 0x0448  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:04:42.0328 0x0448  WPCSvc - ok
10:04:42.0390 0x0448  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:04:42.0422 0x0448  WPDBusEnum - ok
10:04:42.0453 0x0448  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:04:42.0515 0x0448  ws2ifsl - ok
10:04:42.0531 0x0448  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:04:42.0562 0x0448  wscsvc - ok
10:04:42.0562 0x0448  WSearch - ok
10:04:42.0702 0x0448  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:04:42.0890 0x0448  wuauserv - ok
10:04:42.0921 0x0448  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:04:42.0983 0x0448  WudfPf - ok
10:04:43.0077 0x0448  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:04:43.0139 0x0448  WUDFRd - ok
10:04:43.0186 0x0448  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:04:43.0233 0x0448  wudfsvc - ok
10:04:43.0280 0x0448  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:04:43.0311 0x0448  WwanSvc - ok
10:04:43.0389 0x0448  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
10:04:43.0404 0x0448  {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
10:04:43.0451 0x0448  ================ Scan global ===============================
10:04:43.0514 0x0448  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:04:43.0576 0x0448  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
10:04:43.0592 0x0448  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
10:04:43.0607 0x0448  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:04:43.0685 0x0448  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:04:43.0701 0x0448  [ Global ] - ok
10:04:43.0701 0x0448  ================ Scan MBR ==================================
10:04:43.0779 0x0448  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:04:44.0184 0x0448  \Device\Harddisk0\DR0 - ok
10:04:44.0184 0x0448  ================ Scan VBR ==================================
10:04:44.0184 0x0448  [ C1FE70E64E8C352417A3DEF595411784 ] \Device\Harddisk0\DR0\Partition1
10:04:44.0184 0x0448  \Device\Harddisk0\DR0\Partition1 - ok
10:04:44.0184 0x0448  [ CDF33B48002AA43EC9B01D0BC2DB39E9 ] \Device\Harddisk0\DR0\Partition2
10:04:44.0184 0x0448  \Device\Harddisk0\DR0\Partition2 - ok
10:04:44.0200 0x0448  ================ Scan generic autorun ======================
10:04:44.0262 0x0448  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
10:04:44.0294 0x0448  AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
10:04:44.0434 0x0448  Detect skipped due to KSN trusted
10:04:44.0434 0x0448  AmIcoSinglun64 - ok
10:04:44.0496 0x0448  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
10:04:44.0512 0x0448  IAAnotif - ok
10:04:44.0559 0x0448  [ 3F09D12C0DF3BFF61E80309063F165D2, BE2EDF10141094112EE79A457E6C0B547C2F424E9ADEC3F5C89F6B2604F8288D ] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
10:04:44.0590 0x0448  mwlDaemon - ok
10:04:44.0886 0x0448  [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:04:45.0105 0x0448  RtHDVCpl - ok
10:04:45.0167 0x0448  [ FBFA45B2D8ABB107C79E0CA0F8ED0A6D, 4D00D414C0205A0BDBB570B158EF841CD5DC4C8E2A2A1AC582E27A663F46388D ] C:\Windows\PLFSetI.exe
10:04:45.0183 0x0448  PLFSetI - detected UnsignedFile.Multi.Generic ( 1 )
10:04:46.0868 0x0448  Detect skipped due to KSN trusted
10:04:46.0868 0x0448  PLFSetI - ok
10:04:46.0868 0x0448  SynTPEnh - ok
10:04:46.0992 0x0448  [ E64270B5DB7218E60AD62ED0C52E3A09, E9CC0CA9A19868C34EC782FA9F45617DB81C791393BED68EBF8E38BE2C27F8FA ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
10:04:47.0024 0x0448  Acer ePower Management - ok
10:04:47.0024 0x0448  LXCCCATS - ok
10:04:47.0117 0x0448  [ AE5C504605722EE76538CB026D44C135, 0938145EBF7736C833AD3ED2F548A317CDCEBE79608E41EAB469E6E557E7F69B ] C:\Program Files (x86)\Lexmark 3300 Series\lxccmon.exe
10:04:47.0133 0x0448  lxccmon.exe - ok
10:04:47.0148 0x0448  [ 306FE8EB65C06C0DB13BA25850F961BA, EA89800587BD437212DDFEBDDC1C6E33EF33484EF7CEED218414B3F55B55D5D9 ] C:\Program Files (x86)\Lexmark 3300 Series\ezprint.exe
10:04:47.0164 0x0448  EzPrint - ok
10:04:47.0258 0x0448  [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe
10:04:47.0273 0x0448  iTunesHelper - ok
10:04:47.0367 0x0448  [ 9713EB9E1CBC6803E8D088311F5E10F4, F724103C4E808AE49419829E9D1478ECD6D929DC9C81F39C94F0CB391623E0DE ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
10:04:47.0382 0x0448  BackupManagerTray - ok
10:04:47.0414 0x0448  [ EF533F9D1E4F51C783D4349A7C3F518F, 5A4B84CFC96F13AF4B5EC1F693152A37DA37FC08150EE37913EC5D6EEEFD490E ] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
10:04:47.0429 0x0448  EgisTecLiveUpdate - ok
10:04:47.0492 0x0448  [ 56D1890D74A8999F756E338210846AF1, 9A5F771B4665D3735B04DD5FBDCED18B1BE99CD97AD4F92B3835CC51E3F5E191 ] C:\Program Files (x86)\Launch Manager\LManager.exe
10:04:47.0538 0x0448  LManager - ok
10:04:47.0585 0x0448  [ B569E48B3A30E24601FCE6C98501E383, 7F147961F74AFEB9D0150050844C13AB10A167F65B01337C2F7179C56BFF563B ] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
10:04:47.0616 0x0448  ArcadeDeluxeAgent - ok
10:04:47.0632 0x0448  [ EA96FBD8C937FBA76E48EF0A820C4B18, D0A3BFAFFAAAC837A83922FF9DDF9CF135F320278F124762BE96EE8FFF90C8D8 ] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
10:04:47.0648 0x0448  PlayMovie - ok
10:04:47.0710 0x0448  [ 4EC4260D778FB923BA1AB697AFF6C0E3, 72372369153F675C26F938C5106BFD8704FC518348BC95961214B76DECB68689 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
10:04:47.0741 0x0448  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
10:04:47.0960 0x0448  Detect skipped due to KSN trusted
10:04:47.0960 0x0448  StartCCC - ok
10:04:48.0069 0x0448  [ 42CDFB2273EEC623B903C311B19FB484, D0FF021BF53FB6CB994D2455D9B5AE69EC2990216738424731D5EAFBA8EE8506 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
10:04:48.0084 0x0448  AppleSyncNotifier - ok
10:04:48.0147 0x0448  [ 9F3B239443E7AF5840454D8D3A0772CF, 82E135AA844B3170D030CE27259BF7BACBA1FA18670C10B74BD3F402CA9AD29E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:04:48.0162 0x0448  APSDaemon - ok
10:04:48.0225 0x0448  [ 887E31727394E2998A471A01A521EAB4, E68D0C778BAAB307E6BDDA151787D31FC16AD83ADE3FE848353998D111A9AC0C ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
10:04:48.0240 0x0448  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
10:04:49.0941 0x0448  Detect skipped due to KSN trusted
10:04:49.0941 0x0448  DivXMediaServer - ok
10:04:50.0066 0x0448  [ C7F05A3FD4A8DC4EE7A7866876E1534C, 03B8D0E44DC4EF0051B791FCADBADA4589E643436EF76F4A62C14979E7D0E9DA ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
10:04:50.0112 0x0448  DivXUpdate - ok
10:04:50.0190 0x0448  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:04:50.0222 0x0448  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
10:04:50.0502 0x0448  Detect skipped due to KSN trusted
10:04:50.0502 0x0448  QuickTime Task - ok
10:04:50.0955 0x0448  [ CE99AA11D0274BE5BDEF3991508852E9, C129B50010508603C6F2CDB4442ACA4E7FC6CD44DBDB6153D5E1D37E1BC32036 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
10:04:51.0267 0x0448  AvastUI.exe - ok
10:04:51.0360 0x0448  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
10:04:51.0360 0x0448  HP Software Update - ok
10:04:51.0485 0x0448  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:04:51.0594 0x0448  Sidebar - ok
10:04:51.0626 0x0448  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:04:51.0657 0x0448  mctadmin - ok
10:04:51.0704 0x0448  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:04:51.0750 0x0448  Sidebar - ok
10:04:51.0750 0x0448  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:04:51.0782 0x0448  mctadmin - ok
10:04:52.0140 0x0448  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
10:04:52.0390 0x0448  CCleaner Monitoring - ok
10:04:52.0780 0x0448  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
10:04:53.0030 0x0448  CCleaner - ok
10:04:53.0232 0x0448  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
10:04:53.0326 0x0448  HP Officejet Pro 8610 (NET) - ok
10:04:53.0529 0x0448  [ 445697F20D7BD3BB3B7C40741DBEAF0C, F40B9F9A71EF15325D1DB8E845878086D88EDB5997A9A44153B1C848E0F352A3 ] C:\Users\Christian\AppData\Roaming\Browser-Security\s4400.exe
10:04:53.0872 0x0448  safe_urls4400 - ok
10:04:53.0872 0x0448  Waiting for KSN requests completion. In queue: 156
10:04:54.0902 0x0448  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
10:04:54.0902 0x0448  FW detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41010 ( enabled )
10:05:05.0572 0x0448  ============================================================
10:05:05.0572 0x0448  Scan finished
10:05:05.0572 0x0448  ============================================================
10:05:05.0572 0x16a8  Detected object count: 0
10:05:05.0572 0x16a8  Actual detected object count: 0
         

Alt 24.01.2017, 10:48   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.01.2017, 21:32   #8
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Code:
ATTFilter
# AdwCleaner v6.042 - Bericht erstellt am 24/01/2017 um 21:02:32
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-24.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Christian - CHRISTIANS
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Christian\AppData\Local\eSupport.com
[-] Ordner gelöscht: C:\Users\Christian\AppData\Roaming\Browser-Security
[-] Ordner gelöscht: C:\Users\Christian\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner gelöscht: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\FoxTab
[-] Ordner gelöscht: C:\ProgramData\Partner
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Partner


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
[-] Datei gelöscht: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
[-] Datei gelöscht: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\extensions\firefox@browser-security.de.xpi
[-] Datei gelöscht: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\Search Provided by Yahoo.xml
[-] Datei gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\t10hag4n.default\searchplugins\Search Provided by Yahoo.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Conduit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yahooprovidedsearch
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
[-] Daten  wiederhergestellt: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Schlüssel gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Wert gelöscht: HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls4400]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls4400]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls4400]


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" -  "Search Provided by Yahoo"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Search Provided by Yahoo"
[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" -  "Search Provided by Yahoo"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Search Provided by Yahoo"
[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" -  "hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_17&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyB0B0C0ByEyCtByC0B0A0EyCyE0EtN0D0Tzu0StCyDzztBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyBtDyEtB0D0B0CtGtB0EyCyBtG0EtDzz0CtGtD0CyB0DtG0E0ByDyByEtBzz0A0ByC0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDzzyCtA0ByE0FtGyE0AyDzztGyEyB0C0BtGzz0C0DtAtGtB0B0DtAtCzzyD0EyDyDtA0E2QtN0A0LzuyE%26cr%3D527851893%26a%3Dwncy_ir_16_17%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7627 Bytes] - [24/01/2017 21:02:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [7693 Bytes] - [24/01/2017 20:57:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [7765 Bytes] - [24/01/2017 21:01:27]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7846 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Christian (Administrator) on 24.01.2017 at 21:20:30,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 147 

Successfully deleted: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\user.js (File) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\GUT8B60.tmp (File) 
Successfully deleted: C:\Program Files (x86)\GUTC4E5.tmp (File) 
Successfully deleted: C:\ProgramData\SPL27DA.tmp (File) 
Successfully deleted: C:\ProgramData\SPL2DD5.tmp (File) 
Successfully deleted: C:\ProgramData\SPL3766.tmp (File) 
Successfully deleted: C:\ProgramData\SPL4635.tmp (File) 
Successfully deleted: C:\ProgramData\SPL4E52.tmp (File) 
Successfully deleted: C:\ProgramData\SPL5428.tmp (File) 
Successfully deleted: C:\ProgramData\SPL54CE.tmp (File) 
Successfully deleted: C:\ProgramData\SPL558F.tmp (File) 
Successfully deleted: C:\ProgramData\SPL5FC0.tmp (File) 
Successfully deleted: C:\ProgramData\SPL6E44.tmp (File) 
Successfully deleted: C:\ProgramData\SPL82C7.tmp (File) 
Successfully deleted: C:\ProgramData\SPL9039.tmp (File) 
Successfully deleted: C:\ProgramData\SPL978D.tmp (File) 
Successfully deleted: C:\ProgramData\SPL9D76.tmp (File) 
Successfully deleted: C:\ProgramData\SPLA8B1.tmp (File) 
Successfully deleted: C:\ProgramData\SPLA902.tmp (File) 
Successfully deleted: C:\ProgramData\SPLC531.tmp (File) 
Successfully deleted: C:\ProgramData\SPLCC4E.tmp (File) 
Successfully deleted: C:\ProgramData\SPLD5F3.tmp (File) 
Successfully deleted: C:\ProgramData\SPLD652.tmp (File) 
Successfully deleted: C:\ProgramData\SPLE227.tmp (File) 
Successfully deleted: C:\ProgramData\SPLE5B6.tmp (File) 
Successfully deleted: C:\ProgramData\SPLF90F.tmp (File) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01Z09SPD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0A826BAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GMZESK5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IJ3D0V6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OD7K4NH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\191ZQVP1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FSNFDR8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H7UQ3AV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AZQGCMA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KHO5TS4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NV7RPY9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3P90R0E8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Z0RUFZ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4084OBHP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\532AAGP0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VJ38EXN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL0B9ES (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73DGG2H5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7D17GO51 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FK1BP1H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IV3M4IR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90X3N4DS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Q3OUCNH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A84RTQYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9OU81IO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASLNKI1A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXA1VBFU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T34XBO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CCRJ9JTO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D19O4QA3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSUQ3OAB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZR17FM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3CMGA0G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G6RSOJJN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HY1KJQ8A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IH6B7C0M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ZG78US (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM9C8LB3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KQSOW87W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KVP2TZKT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M76BTOLA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAHQ1SCU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSTXO507 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBZIW9Y7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1J5194 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSST1AAX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2U68E20 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3BVI6DU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9JA0PEG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0HJ1EQX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V8G4MTV7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VM2SJ1KK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMQ5A2VX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WOI7OKZG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YDV5WCN4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Christian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV84R9BJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01Z09SPD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0A826BAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GMZESK5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IJ3D0V6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OD7K4NH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\191ZQVP1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FSNFDR8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1H7UQ3AV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AZQGCMA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KHO5TS4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NV7RPY9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3P90R0E8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Z0RUFZ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4084OBHP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\532AAGP0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VJ38EXN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL0B9ES (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73DGG2H5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7D17GO51 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FK1BP1H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IV3M4IR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90X3N4DS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Q3OUCNH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A84RTQYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9OU81IO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASLNKI1A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXA1VBFU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T34XBO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CCRJ9JTO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D19O4QA3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSUQ3OAB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZR17FM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3CMGA0G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G6RSOJJN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HY1KJQ8A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IH6B7C0M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1ZG78US (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM9C8LB3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KQSOW87W (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KVP2TZKT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M76BTOLA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAHQ1SCU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSTXO507 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBZIW9Y7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1J5194 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSST1AAX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2U68E20 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3BVI6DU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9JA0PEG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0HJ1EQX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V8G4MTV7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VM2SJ1KK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMQ5A2VX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WOI7OKZG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YDV5WCN4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YV84R9BJ (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.01.2017 at 21:23:28,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 28.01.2017, 10:46   #9
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Hallo cosinus,
Sind wir durch oder gibt es noch was zu tun?

Alt 29.01.2017, 12:57   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen:

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.01.2017, 20:40   #11
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Nichts gefunden!

Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 31/01/2017 um 20:36:30
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-01-30.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Christian - CHRISTIANS
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7989 Bytes] - [24/01/2017 21:02:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [7693 Bytes] - [24/01/2017 20:57:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [7765 Bytes] - [24/01/2017 21:01:27]
C:\AdwCleaner\AdwCleaner[S2].txt - [1437 Bytes] - [31/01/2017 20:36:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1510 Bytes] ##########
         

Alt 01.02.2017, 01:06   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 01.02.2017, 06:29   #13
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Hab die andere Haken bzgl. Ausnahmen so gelassen wie sie waren...

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von Christian (Administrator) auf CHRISTIANS (01-02-2017 06:18:47)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian & Chris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxcccoms.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 3300 Series\lxccmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 3300 Series\ezprint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\pdf24\pdf24.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-22] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2010-03-27] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [LXCCCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCCtime.dll,RunDLLEntry
HKLM\...\Run: [lxccmon.exe] => C:\Program Files (x86)\Lexmark 3300 Series\lxccmon.exe [205744 2007-05-11] (Lexmark International, Inc.)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 3300 Series\ezprint.exe [103344 2007-05-11] (Lexmark International Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-04] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\pdf24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: G - G:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: H - H:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: {0db01714-473d-11e0-8913-00262d99e8fd} - G:\laucher.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\MountPoints2: {8faacd50-39a9-11df-90b2-806e6f6e6963} - D:\index.exe
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [438272 2009-07-08] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-04] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90C2A999-56B9-4318-8ACA-7CE488E4188D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE375
SearchScopes: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3681001805-2050292409-840652081-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default [2017-01-31]
FF NewTab: Mozilla\Firefox\Profiles\ocnhs87e.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\ocnhs87e.default -> www.google.com
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\bing-avast.xml [2014-06-11]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\google-images.xml [2014-11-10]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\google-maps.xml [2014-11-10]
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\searchplugins\youtube.xml [2016-01-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-19] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ocnhs87e.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-03-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-03-04] (Apple Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2017-01-04] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-09-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-09-18] (BlueStack Systems, Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-01-09] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 lxcc_device; C:\Windows\system32\lxcccoms.exe [566704 2007-03-26] ( )
R2 lxcc_device; C:\Windows\SysWOW64\lxcccoms.exe [537520 2007-03-26] ( )
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-04] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-05-18] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2017-01-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-04] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-09-18] (BlueStack Systems)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-29] (DT Soft Ltd)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [Datei ist nicht signiert]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2010-11-21] () [Datei ist nicht signiert]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-11-12] (CyberLink Corp.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 20:33 - 2017-01-31 20:33 - 04015056 _____ C:\Users\Christian\Desktop\AdwCleaner_6.043.exe
2017-01-24 21:23 - 2017-01-24 21:23 - 00022223 _____ C:\Users\Christian\Desktop\JRT.txt
2017-01-24 21:18 - 2017-01-24 21:18 - 00007992 _____ C:\Users\Christian\Desktop\AdwCleaner[C0].txt
2017-01-24 20:55 - 2017-01-31 20:36 - 00000000 ____D C:\AdwCleaner
2017-01-24 20:50 - 2017-01-24 20:50 - 01663040 _____ (Malwarebytes) C:\Users\Christian\Desktop\JRT.exe
2017-01-24 10:01 - 2017-01-24 10:09 - 00233976 _____ C:\TDSSKiller.3.1.0.12_24.01.2017_10.01.15_log.txt
2017-01-24 10:00 - 2017-01-24 10:00 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Christian\Downloads\tdsskiller.exe
2017-01-23 20:39 - 2017-01-24 08:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-23 20:39 - 2017-01-23 20:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-23 20:39 - 2017-01-23 20:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-23 20:38 - 2017-01-24 08:05 - 00000000 ____D C:\Users\Christian\Desktop\mbar
2017-01-23 20:38 - 2017-01-23 20:38 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-23 20:36 - 2017-01-23 20:36 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Christian\Downloads\mbar-1.09.3.1001.exe
2017-01-22 10:53 - 2017-01-24 20:40 - 00000000 ____D C:\Users\Christian\Downloads\Baustelle
2017-01-21 23:35 - 2017-01-21 23:36 - 00029563 _____ C:\Users\Christian\Desktop\logfiles.zip
2017-01-21 23:24 - 2017-01-21 23:24 - 00029563 _____ C:\Users\Christian\Documents\MeineZip.zip
2017-01-21 22:51 - 2017-01-21 22:51 - 00008192 ___SH C:\Users\Christian\AppData\Roaming\Thumbs.db
2017-01-21 21:37 - 2017-02-01 06:17 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2017-01-19 15:20 - 2017-01-19 15:20 - 00000974 _____ C:\Users\Public\Desktop\Pixum Fotoimporter.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000959 _____ C:\Users\Public\Desktop\Pixum Fotoschau.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000954 _____ C:\Users\Public\Desktop\Pixum Fotowelt.lnk
2017-01-19 15:20 - 2017-01-19 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixum Fotowelt
2017-01-19 15:12 - 2017-01-19 15:12 - 00000000 ____D C:\Program Files\Pixum
2017-01-19 15:09 - 2017-01-19 15:09 - 01629912 _____ C:\Users\Christian\Downloads\setup_Pixum_Fotowelt.exe
2017-01-14 14:29 - 2017-01-14 14:29 - 00038650 _____ C:\Users\Christian\Desktop\Addition_1.txt
2017-01-14 14:26 - 2017-01-14 14:26 - 00061076 _____ C:\Users\Christian\Desktop\FRST_1.txt
2017-01-14 14:16 - 2017-01-21 21:44 - 00038018 _____ C:\Users\Christian\Downloads\Addition.txt
2017-01-14 14:11 - 2017-02-01 06:19 - 00026223 _____ C:\Users\Christian\Downloads\FRST.txt
2017-01-14 14:11 - 2017-02-01 06:18 - 00000000 ____D C:\FRST
2017-01-14 14:11 - 2017-02-01 06:17 - 02420736 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2017-01-14 10:05 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-14 10:05 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-14 10:05 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-14 10:05 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-14 10:05 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-14 10:05 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-14 10:05 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-14 10:05 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-14 10:05 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-14 10:05 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-14 10:05 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-14 10:05 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-14 10:05 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-14 10:05 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-14 10:05 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-14 10:05 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-14 10:05 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-14 10:05 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-14 10:05 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-14 10:05 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-14 10:05 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-14 10:05 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-14 10:05 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-14 10:05 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-14 10:05 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-14 10:05 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-14 10:05 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-14 10:05 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-14 10:05 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-14 10:05 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-14 10:05 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-14 10:05 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-14 10:05 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-14 10:05 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-14 10:05 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-14 10:05 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-14 10:05 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-14 10:05 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-14 10:05 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-14 10:05 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-14 10:05 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-14 10:05 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-14 10:05 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-14 10:05 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-14 10:05 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-14 10:05 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-14 10:05 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-14 10:05 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-14 10:05 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-14 10:05 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-14 10:05 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-14 10:05 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-14 10:05 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-14 10:05 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-14 10:05 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-14 10:05 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-14 10:05 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-14 10:05 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-14 10:05 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-14 10:05 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-14 10:05 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-14 10:05 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-14 10:05 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-14 10:05 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-14 10:05 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-14 10:05 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-01-14 10:05 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-01-14 10:05 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-01-14 10:05 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-14 10:05 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-01-14 10:05 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-01-14 10:05 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-01-14 10:04 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-14 10:04 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-01-14 10:04 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-01-14 08:33 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-14 08:33 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-14 08:33 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-14 08:33 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-01-14 08:33 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-14 08:33 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-14 08:33 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-14 08:33 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-14 08:33 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-14 08:33 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-14 08:33 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-14 08:33 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-14 08:33 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-01-14 08:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-01-14 08:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-01-14 08:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-01-14 08:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-01-14 08:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-01-14 08:32 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-14 08:32 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-14 08:32 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-14 08:32 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-14 08:32 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-14 08:32 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-14 08:32 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-14 08:32 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-14 08:32 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-14 08:32 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-14 08:32 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-14 08:32 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-14 08:32 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-01-14 08:32 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-14 08:32 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-14 08:32 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-14 08:32 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-14 08:32 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-01-14 08:32 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-14 08:32 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-14 08:32 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-01-14 08:32 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-01-14 08:32 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-14 08:32 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-01-14 08:32 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-14 08:32 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-14 08:32 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-14 08:32 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-14 08:32 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-01-14 08:32 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-01-14 08:32 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-01-14 08:32 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-14 08:32 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-01-14 08:32 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-14 08:32 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-14 08:32 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-01-14 08:32 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-01-14 08:32 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-14 08:32 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-14 08:32 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-14 08:32 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-14 08:32 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-14 08:32 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-01-14 08:32 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-01-14 08:32 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-01-14 08:32 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-14 08:32 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-14 08:32 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-14 08:32 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-14 08:32 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-14 08:32 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-14 08:32 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-14 08:32 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-14 08:32 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-14 08:32 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-14 08:32 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-14 08:32 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-01-14 08:32 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-14 08:32 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-14 08:32 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-14 08:32 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-14 08:32 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-01-14 08:32 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-01-14 08:32 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-14 08:32 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-14 08:32 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-14 08:32 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-01-14 08:32 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-01-14 08:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-01-14 08:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-01-14 08:32 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-14 08:32 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-01-14 08:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-01-14 08:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-01-14 08:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-01-14 08:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-01-14 08:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-01-14 08:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-01-14 08:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-01-14 08:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-01-14 08:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-01-14 08:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-01-14 08:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-01-14 08:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-01-14 08:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-01-14 08:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-01-14 08:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-01-14 08:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-01-14 08:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-01-14 08:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-01-14 08:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-01-14 08:32 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-01-14 08:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-01-14 08:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-01-14 08:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-01-14 08:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-01-14 08:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-01-14 08:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-01-14 08:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-01-14 08:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-01-14 08:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-01-14 08:31 - 2016-08-12 17:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-01-14 08:31 - 2016-08-12 17:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-01-14 08:31 - 2016-08-12 17:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-01-14 08:24 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-14 08:24 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-14 01:15 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2017-01-14 01:15 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2017-01-14 01:15 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2017-01-14 01:15 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2017-01-14 01:15 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-01-14 01:15 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-01-14 01:15 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2017-01-14 01:15 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2017-01-14 01:15 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2017-01-14 01:03 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-01-14 00:30 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-01-14 00:30 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-01-14 00:30 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-01-14 00:30 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-01-14 00:30 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-01-14 00:30 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-01-14 00:30 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-01-14 00:30 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-01-13 23:05 - 2017-01-13 23:05 - 00000000 ____D C:\Program Files (x86)\ESET
2017-01-13 23:03 - 2017-01-13 23:04 - 02870984 _____ (ESET) C:\Users\Christian\Downloads\esetsmartinstaller_deu.exe
2017-01-13 21:08 - 2017-01-13 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-01-13 21:07 - 2017-01-13 21:07 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-01-13 21:01 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-01-13 21:01 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-01-13 21:01 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-01-13 21:01 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-01-13 21:01 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-01-13 21:01 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-01-13 21:01 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-01-13 21:01 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-01-13 21:01 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-01-13 21:01 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-01-13 21:01 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-01-13 21:01 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-01-07 17:36 - 2017-01-07 17:36 - 00044952 _____ () C:\Windows\system32\Drivers\staport.sys
2017-01-07 17:36 - 2017-01-04 16:49 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-06 22:05 - 2017-01-06 22:06 - 08803648 _____ (Piriform Ltd) C:\Users\Christian\Downloads\ccsetup525.exe
2017-01-06 21:59 - 2017-01-06 21:59 - 00017354 _____ C:\Users\Christian\Desktop\cc_20170106_215918.reg
2017-01-04 16:49 - 2017-01-04 16:49 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 06:15 - 2013-03-21 19:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 21:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-31 20:27 - 2013-01-03 20:20 - 00000000 ____D C:\Users\Christian\Documents\Haus
2017-01-31 19:44 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 19:44 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 19:42 - 2016-11-26 14:27 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\Mozilla
2017-01-31 19:32 - 2012-05-02 19:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-31 19:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 15:36 - 2016-11-19 21:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-31 10:10 - 2016-01-11 20:52 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-24 21:02 - 2016-05-01 20:47 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-01-20 16:29 - 2011-08-10 07:14 - 00000000 ____D C:\ProgramData\hps
2017-01-20 15:52 - 2011-08-10 07:14 - 00000000 ____D C:\ProgramData\tmp
2017-01-20 15:21 - 2016-01-10 22:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 15:17 - 2010-03-27 23:58 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-20 15:17 - 2010-03-27 23:58 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-20 15:17 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-19 15:27 - 2010-11-07 18:54 - 00000000 ____D C:\Users\Christian\Documents\Maike
2017-01-19 15:26 - 2013-09-02 18:20 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-14 15:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-14 14:59 - 2009-07-14 05:45 - 00384000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-14 14:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-01-14 14:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2017-01-14 14:41 - 2013-08-15 23:19 - 00000000 ____D C:\Windows\system32\MRT
2017-01-14 14:40 - 2010-04-12 21:36 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-14 08:14 - 2010-04-12 16:08 - 00087136 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-14 03:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2017-01-13 23:57 - 2010-04-12 16:31 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 21:11 - 2013-05-23 20:30 - 00000000 ____D C:\ProgramData\elsterformular
2017-01-13 21:08 - 2013-05-23 20:30 - 00001233 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-01-13 21:07 - 2013-05-23 20:30 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-01-13 21:07 - 2010-04-12 16:08 - 00000000 ____D C:\Users\Christian
2017-01-11 23:04 - 2013-03-21 19:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 23:04 - 2012-05-05 15:11 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 23:04 - 2012-01-06 10:03 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-11 23:04 - 2011-05-25 17:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 23:04 - 2009-11-05 01:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 21:22 - 2015-07-29 19:20 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-07 20:42 - 2016-01-11 20:57 - 00003916 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1452542265
2017-01-07 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2017-01-07 17:37 - 2016-01-11 20:53 - 00001886 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2017-01-06 22:07 - 2016-01-26 20:39 - 00000786 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 16:50 - 2016-01-11 20:52 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-01-04 16:50 - 2016-01-11 20:52 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-01-04 16:50 - 2016-01-11 20:52 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-01-04 16:49 - 2016-02-10 20:30 - 00453192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-01-04 16:49 - 2016-01-11 20:55 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148354505579207
2017-01-04 16:49 - 2016-01-11 20:52 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148354505741310
2017-01-04 16:49 - 2016-01-11 20:52 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148354505989512
2017-01-04 16:49 - 2016-01-11 20:52 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-04 16:49 - 2016-01-11 20:52 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-04 16:32 - 2010-04-12 20:26 - 00000000 ____D C:\Program Files\Lx_cats

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-11-05 04:32 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2017-01-21 22:51 - 2017-01-21 22:51 - 0008192 ___SH () C:\Users\Christian\AppData\Roaming\Thumbs.db
2011-10-22 18:20 - 2011-10-22 18:20 - 0040023 _____ () C:\Users\Christian\AppData\Roaming\UserTile.png
2016-05-02 20:32 - 2016-05-02 20:32 - 0000000 _____ () C:\Users\Christian\AppData\Roaming\wklnhst.dat
2014-11-09 10:02 - 2014-11-09 10:02 - 0000000 ____H () C:\Users\Christian\AppData\Local\BITBC9C.tmp
2014-10-04 12:16 - 2014-10-04 12:16 - 0000000 ____H () C:\Users\Christian\AppData\Local\BITF6E3.tmp
2011-11-12 20:41 - 2012-01-21 21:06 - 0004608 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 11:23 - 2014-08-16 11:23 - 0000000 _____ () C:\Users\Christian\AppData\Local\{7ED8E7B9-4F08-484E-817E-848DD9CDE9F1}
2014-10-04 12:16 - 2014-10-04 12:16 - 0000000 _____ () C:\Users\Christian\AppData\Local\{8858B090-F6C4-46D4-B2C6-029364D62B48}
2014-11-09 10:02 - 2014-11-09 10:02 - 0000000 _____ () C:\Users\Christian\AppData\Local\{97C37D8A-FD78-43E0-A147-B2633B9D913F}
2014-06-19 23:01 - 2014-06-19 23:01 - 0000000 _____ () C:\Users\Christian\AppData\Local\{FC1858E6-211E-4D27-851C-51ECB52E1969}
2011-01-22 20:46 - 2016-01-26 20:28 - 0000040 ___SH () C:\ProgramData\.zreglib
2010-03-27 15:14 - 2010-03-27 15:17 - 0008728 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-04-12 16:32 - 2010-04-12 16:32 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-11-05 04:33 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-23 22:12

==================== Ende von FRST.txt ============================
         

Alt 01.02.2017, 06:30   #14
Chris1910
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von Christian (01-02-2017 06:20:17)
Gestartet von C:\Users\Christian\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-12 15:08:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3681001805-2050292409-840652081-500 - Administrator - Disabled)
Chris (S-1-5-21-3681001805-2050292409-840652081-1056 - Limited - Enabled) => C:\Users\Chris
Christian (S-1-5-21-3681001805-2050292409-840652081-1000 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-3681001805-2050292409-840652081-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3681001805-2050292409-840652081-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7112 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}) (Version: 1.4.17.35005 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005 - Alcor Micro Corp.) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.7.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{422691F3-3CFA-6607-06D6-CA579E6B35AD}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
BlueStacks (HKLM-x32\...\{B760B0E0-B517-4D0A-85C0-016ABDBA4A73}) (Version: 0.7.4.793 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.03 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.21763 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Express Zip (HKLM-x32\...\ExpressZip) (Version:  - NCH Software)
Free YouTube Download version 3.2.10.812 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.10.812 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 9.01 (HKLM-x32\...\GPL Ghostscript 9.01) (Version:  - )
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{A38E954F-9043-42BD-9DE9-246ED183791D}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
Lexmark 3300 Series (HKLM\...\Lexmark 3300 Series) (Version:  - Lexmark International, Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NAVIGON Fresh 1.2 (HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\NAVIGON Fresh) (Version: 1.2 - NAVIGON)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NAVIGON Sync 1.0 (HKLM-x32\...\NAVIGON Sync) (Version: 1.0 - NAVIGON)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
SUPER © Version 2010.bld.38 (May 2, 2010) (HKLM-x32\...\SUPER ©) (Version: Version 2010.bld.38 (May 2, 2010) - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
XBMC (HKU\S-1-5-21-3681001805-2050292409-840652081-1000\...\XBMC) (Version:  - Team XBMC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0904C69E-2684-4C4A-89B3-22842BD7E107} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {0CA99CAC-74B6-4C44-AB23-59729C454221} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {1C9F82FC-A2FB-4BCC-82DE-5BFFA3DBA02F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2A47C0B9-CFC6-4814-A0A0-36B2E416A682} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {373F34F6-975B-44EE-92DD-DBE4D15028BB} - System32\Tasks\SafeZone scheduled Autoupdate 1452542265 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {7199CCB8-130D-4BF5-AA4B-17B761DE5CBB} - System32\Tasks\{26FF3FB1-352D-450C-BBE8-7627F3AD2527} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20] (Skype Technologies S.A.)
Task: {7F8444B8-6F6A-475B-8CE5-52D952CA1796} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {8FF52E57-D9E2-4579-BEAC-5C75CBA3F752} - System32\Tasks\{44A16C56-8230-48AF-A25A-A6A7E14712AE} => pcalua.exe -a D:\Setup.EXE -d D:\
Task: {A4829921-5CBB-4F82-B1FF-687B56B2C682} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-04] (AVAST Software)
Task: {ABBF228D-A001-43BC-91F6-E71B433221BA} - System32\Tasks\{DCC2FE68-47E7-4720-820D-0F7D658B3EFE} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {ADFDBF3B-AFC1-44A1-9013-8B881C16BAFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {B8F5E834-3A74-4C7B-8EC2-6DEA05467EA4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {CAA62C34-E5EF-4975-A926-FA12836D5DEA} - System32\Tasks\{95EC3DCD-D6FC-4B7D-964E-E03B0631DC47} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.158.217/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {DDDAD517-AC4C-4529-8E8D-794FE173FB0A} - System32\Tasks\{389418FA-D95B-42C8-98C3-D7B39716704E} => pcalua.exe -a C:\Users\Christian\Downloads\SABnzbd-0.7.3-win32-setup.exe -d C:\Users\Christian\Downloads
Task: {DE18920C-A5A7-4283-821D-5E29E2052FEC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ECDAC19C-50C3-4E61-B93C-3B801A56751E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Christian\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm

ShortcutWithArgument: C:\Users\Public\Desktop\Acer Zubehör Shop.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/de?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-13 04:45 - 2015-10-13 04:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-16 07:54 - 2013-08-16 07:54 - 00088064 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2010-09-15 21:11 - 2010-03-04 22:38 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2010-03-27 15:12 - 2010-03-27 15:12 - 00200704 _____ () C:\Windows\PLFSetI.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-11-15 01:48 - 2013-11-15 01:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-04-18 00:19 - 2010-04-18 00:19 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-31 14:11 - 2017-01-31 14:11 - 04377600 _____ () C:\Program Files\AVAST Software\Avast\defs\17013102\algo.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-01 06:16 - 2017-02-01 06:16 - 04459608 _____ () C:\Program Files\AVAST Software\Avast\defs\17020100\algo.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2011-03-29 20:18 - 2005-12-13 14:51 - 00122880 _____ () C:\Program Files (x86)\Lexmark 3300 Series\lxccdrec.dll
2011-03-29 20:18 - 2005-06-14 16:08 - 00196608 _____ () C:\Program Files (x86)\Lexmark 3300 Series\iptk.dll
2013-11-15 01:49 - 2013-11-15 01:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-01-04 16:49 - 2017-01-04 16:49 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3681001805-2050292409-840652081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{00B8CE5B-4C6D-4D29-90E4-CFEB21E4013B}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48FE94D9-B0DC-4874-B5D6-2E11B770605F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC80E749-3469-467B-B376-4F16F1A685B9}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{ED013B1C-4F43-4865-8BD0-F0EBCB322345}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{9C8FC3B5-2404-4350-A316-1A54E7D78462}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{C3E949CE-546C-452A-A9A5-C9CC3B131788}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{ED2CAC22-7FCB-4740-A024-ECF3E79C8C95}] => LPort=5357
FirewallRules: [{BFCA5553-4C79-40D6-8AD1-D1C43D8EB80A}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{6F466CF5-BB2A-40CC-AFBE-301467B9C2F1}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{D14FC9F7-0C8A-4C89-9B4C-A44A9C1E53AF}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{882FA790-800B-4B1D-99A4-6507B5404FAE}] => C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

14-01-2017 01:20:53 Windows Update
14-01-2017 14:38:36 Windows Update
19-01-2017 15:12:40 Windows Update
20-01-2017 15:18:50 Windows Update
21-01-2017 21:14:50 Windows Update
24-01-2017 21:20:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/01/2017 06:15:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31766109

Error: (02/01/2017 06:15:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31766109

Error: (02/01/2017 06:15:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2017 09:26:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3057

Error: (01/31/2017 09:26:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3057

Error: (01/31/2017 09:26:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2017 09:26:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2043

Error: (01/31/2017 09:26:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2043

Error: (01/31/2017 09:26:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/31/2017 09:26:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045


Systemfehler:
=============
Error: (01/31/2017 07:34:15 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/31/2017 07:33:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/31/2017 07:33:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (01/31/2017 07:32:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎01.‎2017 um 17:25:55 unerwartet heruntergefahren.

Error: (01/30/2017 04:07:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.

Error: (01/30/2017 04:06:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/30/2017 04:06:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device Service erreicht.

Error: (01/30/2017 04:06:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (01/30/2017 04:05:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Firewall" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/30/2017 04:05:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avast Firewall erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 6004.5 MB
Verfügbarer physikalischer RAM: 3511.75 MB
Summe virtueller Speicher: 12007.18 MB
Verfügbarer virtueller Speicher: 9212.69 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:27.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C244C244)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 01.02.2017, 09:37   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
s4400.exe im Autostart gefunden - Standard

s4400.exe im Autostart gefunden



Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu s4400.exe im Autostart gefunden
antivirus, avast, bonjour, browser-security, ccsetup, defender, desktop, firefox, flash player, home, homepage, hängen, iexplore.exe, launch, mozilla, mp3, officejet, prozesse, realtek, registry, rundll, scan, schutz, services.exe, software, svchost.exe, system, usb, windows



Ähnliche Themen: s4400.exe im Autostart gefunden


  1. Autostart unter w8.1
    Alles rund um Windows - 26.11.2014 (4)
  2. nengine.dll im autostart gefunden
    Plagegeister aller Art und deren Bekämpfung - 13.08.2014 (8)
  3. TBHCN im Autostart gefunden
    Plagegeister aller Art und deren Bekämpfung - 28.12.2012 (7)
  4. tbhcn in Autostart
    Log-Analyse und Auswertung - 13.11.2012 (1)
  5. UpgradeChecker.exe etc. im Autostart
    Log-Analyse und Auswertung - 27.09.2012 (7)
  6. Autostart tbhcn, was nun?
    Plagegeister aller Art und deren Bekämpfung - 17.09.2012 (10)
  7. TR/Crypt.XPACK.Gen auf Laptop gefunden + komische Ausführungen im Autostart
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (41)
  8. GMX Update im Autostart
    Alles rund um Windows - 12.04.2011 (2)
  9. Unbekannter Autostart
    Log-Analyse und Auswertung - 05.01.2011 (3)
  10. Autostart von eleet
    Plagegeister aller Art und deren Bekämpfung - 15.08.2009 (0)
  11. Autostart abstellen
    Alles rund um Windows - 12.03.2009 (8)
  12. Spyware im Autostart
    Plagegeister aller Art und deren Bekämpfung - 07.09.2008 (1)
  13. Kein Autostart
    Log-Analyse und Auswertung - 09.01.2007 (5)
  14. Systemkonfiguration und Autostart
    Alles rund um Windows - 06.08.2006 (2)
  15. Autostart geändert?
    Log-Analyse und Auswertung - 23.12.2005 (2)
  16. escan autostart??
    Antiviren-, Firewall- und andere Schutzprogramme - 17.01.2005 (16)
  17. autostart vom virenprog
    Antiviren-, Firewall- und andere Schutzprogramme - 10.11.2004 (2)

Zum Thema s4400.exe im Autostart gefunden - Hallo, bin eher zufällig in der Windows Problembehandlung auf s4400.exe gestoßen, da sie im Autostart liegt. Nach kurzer Recherche scheint dies wohl nichts seriöses zu sein. Irgendwelche Symptome sind mir - s4400.exe im Autostart gefunden...
Archiv
Du betrachtest: s4400.exe im Autostart gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.