| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 7: Browser stellt nur noch bestimmte Seiten darWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.02.2017, 21:27
| #1 |
 |  Win 7: Browser stellt nur noch bestimmte Seiten dar Hallo, ich habe in der Windows-Abteilung folgendes Problem gepostet. Dort wurde mir empfohlen, erst hier zu klären ob Malware im Spiel ist. http://www.trojaner-board.de/184374-...te-seiten.html So ist also die Situation: Ich habe hier einen Rechner mit Windows 7 Home Premium, bei dem ich mit allen Browsern gewisse Seiten (Google, Facebook, Amazon, ...) nicht erreichen kann. Andere gehen aber einwandfrei (Spiegel Online, ebay, ...). Alle anderen Geräte im Netz haben dieses Problem nicht. Ein Pingen der nicht erreichbaren Seiten ist erfolgreich. Folgende Maßnahmen habe ich bisher durchgeführt - alle erfolglos. - Verbinden über LAN statt WLAN - Nutzung in einem anderen Netz - Installation eines neuen Browsers (Opera) - Löschen/Zurücksetzen der Browser-Profile - Erstellen eines neuen Windows-Kontos - Eingeben der IPs vom Pingen in den Browser - Prüfen der Hosts-Datei => keine verdächtigen Eintragungen - Prüfen, dass kein Proxy eingstellt ist - TCP/IP in den Ausgangszustand zurückversetzt - Firewall Reset - ipconfig /flushdns Außerdem habe ich Malwarbytes Anti-Malware und AdwCleaner durchlaufen lassen. Beide hatten Funde, die ich habe beheben lassen, aber die Protokolle habe ich versehentlich gelöscht. Hier das Protokoll von ipconfig und tracert www.google.de Code:
ATTFilter Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : Franzi-PC
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Broadcom 802.11n-Netzwerkadapter
Physikalische Adresse . . . . . . : 5C-AC-4C-8A-0E-49
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::9e2:86ed:6279:e38a%12(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.2.149(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Sonntag, 12. Februar 2017 19:17:34
Lease l„uft ab. . . . . . . . . . : Montag, 13. Februar 2017 21:56:53
Standardgateway . . . . . . . . . : 192.168.2.1
DHCP-Server . . . . . . . . . . . : 192.168.2.1
DHCPv6-IAID . . . . . . . . . . . : 425503820
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-19-75-D4-20-6A-8A-14-FC-12
DNS-Server . . . . . . . . . . . : 192.168.2.1
NetBIOS ber TCP/IP . . . . . . . : Deaktiviert
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physikalische Adresse . . . . . . : 20-6A-8A-14-FC-12
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.fritz.box:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-6zu4-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 15:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #4
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 16:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 20:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #7
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{0833FF45-8E19-4CAF-854A-9ABDB98BA7CD}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #8
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 21:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #9
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Routenverfolgung zu www.google.de [216.58.209.35] ber maximal 30 Abschnitte:
1 1 ms 5 ms 2 ms easy.box [192.168.2.1]
2 18 ms 31 ms 15 ms dslb-188-098-192-001.188.098.pools.vodafone-ip.de [188.98.192.1]
3 1273 ms 1315 ms 2004 ms 188.111.163.228
4 15 ms 14 ms 14 ms 88.79.10.12
5 27 ms 16 ms 15 ms 92.79.213.101
6 23 ms 24 ms 26 ms 145.254.2.191
7 43 ms 23 ms 30 ms 145.254.2.191
8 24 ms 29 ms 63 ms de-cix20.net.google.com [80.81.193.108]
9 25 ms 24 ms 24 ms 216.239.56.26
10 29 ms 45 ms 24 ms 209.85.243.131
11 42 ms 41 ms 40 ms 209.85.241.230
12 36 ms 35 ms 44 ms 209.85.254.149
13 37 ms 35 ms 46 ms 216.239.40.155
14 38 ms 35 ms 54 ms waw02s05-in-f35.1e100.net [216.58.209.35]
Ablaufverfolgung beendet.
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
durchgeführt von Franzi (Administrator) auf FRANZI-PC (12-02-2017 22:22:19)
Gestartet von E:\
Geladene Profile: Franzi (Verfügbare Profile: Franzi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Franzi\AppData\Local\Google\Update\GoogleUpdate.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-01-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [Google Update] => C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-13] (Google Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [vnxvqiou] => C:\Users\Franzi\AppData\Roaming\Eprpvp\nnrsshiqiou.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [hlpm] => "C:\Users\Franzi\AppData\Roaming\hlpm.exe" -autorun
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [Dropbox Update] => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {4d2f771c-6e8a-11e1-8157-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {be2b3e36-5d74-11e1-ad2b-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {be2b3e55-5d74-11e1-ad2b-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [346440 2013-09-14] (Apple Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-07-19]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-12-16]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0833FF45-8E19-4CAF-854A-9ABDB98BA7CD}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DDB23E67-7B03-402C-8BE4-DDEF15F64CE5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F74F9FCF-AC91-46F0-B55D-53E4609B3CA3}: [NameServer] 193.189.244.225 193.189.244.206
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27360211i106l0418z1j5t4761o985
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE419DE419
SearchScopes: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE419DE419
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" => Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-16] (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
Toolbar: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
FireFox:
========
FF ProfilePath: C:\Users\Franzi\AppData\Roaming\TomTom\HOME\Profiles\m31ka1z5.default [2015-06-24]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-06-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: (DivX HiQ) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-02-22] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-12-16] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1924580533-820736867-3977892425-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1924580533-820736867-3977892425-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default [2017-02-12]
CHR Extension: (YouTube) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Cast) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-28]
CHR Extension: (Google-Suche) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-13]
CHR Extension: (DivX HiQ) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-02-23]
CHR Extension: (Skype) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-02-23]
CHR Extension: (Google Mail) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-12]
CHR Extension: (Docs) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-11]
CHR Extension: (Google Drive) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-11]
CHR Extension: (YouTube) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-11]
CHR Extension: (DivX HiQ) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2017-02-11]
CHR Extension: (Skype Click to Call) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2017-02-11]
CHR Extension: (Google Mail) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
StartMenuInternet: Google Chrome - C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-28] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [794624 2016-05-12] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2012-02-22] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [Datei ist nicht signiert]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [502272 2016-05-12] (Microsoft Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444928 2016-05-11] (Microsoft Corporation) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-28] (Avira Operations GmbH & Co. KG)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262144 2016-05-11] (Microsoft Corporation) [Datei ist nicht signiert]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-12 22:22 - 2017-02-12 22:22 - 00000000 ____D C:\FRST
2017-02-12 22:11 - 2017-02-12 22:12 - 00005042 _____ C:\Users\Franzi\Desktop\ipsi.txt
2017-02-12 01:08 - 2017-02-12 01:09 - 00000000 ____D C:\0875c85ccaeb6afedd
2017-02-12 01:02 - 2016-08-12 17:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-02-12 01:02 - 2016-08-12 17:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-02-12 01:02 - 2016-08-12 17:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-02-12 01:01 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-02-12 01:01 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-02-12 01:01 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-02-12 01:01 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-02-12 01:01 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-02-12 00:59 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-02-12 00:59 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-02-12 00:59 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-02-12 00:59 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-02-12 00:59 - 2016-03-09 20:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-02-12 00:59 - 2016-03-09 19:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-02-11 23:08 - 2017-02-11 23:08 - 00002366 _____ C:\Users\Franzi\Desktop\Google Chrome.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1486848243
2017-02-11 22:24 - 2017-02-11 22:24 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00000000 ____D C:\Users\Franzi\AppData\Roaming\Opera Software
2017-02-11 22:24 - 2017-02-11 22:24 - 00000000 ____D C:\Users\Franzi\AppData\Local\Opera Software
2017-02-11 22:23 - 2017-02-12 19:25 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-11 22:21 - 2017-02-11 22:23 - 46171480 _____ (Opera Software) C:\Users\Franzi\Downloads\Opera_43.0.2442.806_Setup.exe
2017-02-11 22:20 - 2017-02-11 22:20 - 01159888 _____ (Opera Software) C:\Users\Franzi\Downloads\OperaSetup.exe
2017-02-07 21:03 - 2017-02-07 21:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-07 21:03 - 2017-02-07 21:03 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2017-02-07 21:03 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-07 21:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-07 21:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-07 20:45 - 2017-02-11 22:15 - 00000000 ____D C:\AdwCleaner
2017-02-07 20:45 - 2017-02-07 22:21 - 00000000 ____D C:\temp
2017-01-13 11:06 - 2017-01-13 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2017-01-13 10:36 - 2017-02-07 22:29 - 00000000 ____D C:\ProgramData\boost_interprocess
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-12 21:58 - 2015-06-20 04:01 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA.job
2017-02-12 19:37 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-12 19:37 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-12 19:28 - 2011-02-18 03:20 - 00000000 ____D C:\Users\Franzi\AppData\Local\VirtualStore
2017-02-12 19:24 - 2012-05-07 13:34 - 00000000 ___RD C:\Users\Franzi\Dropbox
2017-02-12 19:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-12 01:10 - 2013-04-01 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-12 01:10 - 2013-04-01 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-12 01:07 - 2013-04-01 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-12 00:57 - 2013-08-15 03:23 - 00000000 ____D C:\Windows\system32\MRT
2017-02-12 00:56 - 2011-03-07 17:46 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-12 00:42 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-11 23:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-11 22:51 - 2010-05-07 01:07 - 00000000 ____D C:\Program Files (x86)\EgisTec MyWinLocker
2017-02-11 22:46 - 2010-05-07 00:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-11 22:06 - 2017-01-08 17:56 - 00000000 ____D C:\ProgramData\Google Updater
2017-02-11 22:03 - 2011-02-18 04:02 - 00002374 _____ C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 22:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Vss
2017-02-07 22:10 - 2011-02-22 11:17 - 00000000 ____D C:\Program Files (x86)\softonic-Germany
2017-02-07 20:47 - 2010-09-09 03:38 - 00699682 _____ C:\Windows\system32\perfh007.dat
2017-02-07 20:47 - 2010-09-09 03:38 - 00149790 _____ C:\Windows\system32\perfc007.dat
2017-02-07 20:47 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-07 20:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-13 14:12 - 2015-06-20 04:01 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core.job
2017-01-13 11:43 - 2011-02-18 04:01 - 00003720 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA
2017-01-13 11:43 - 2011-02-18 04:01 - 00003448 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core
2017-01-13 11:42 - 2011-03-17 09:16 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-13 11:42 - 2011-03-17 09:16 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-13 11:27 - 2014-12-11 16:13 - 00000000 ____D C:\Windows\system32\appraiser
2017-01-13 11:27 - 2014-05-06 22:56 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-01-13 11:27 - 2011-02-18 03:20 - 00000000 ____D C:\Users\Franzi
2017-01-13 11:27 - 2010-05-07 01:13 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-01-13 11:27 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-13 11:26 - 2012-02-21 21:07 - 00000000 ____D C:\Users\Public\CyberLink
2017-01-13 11:26 - 2011-02-18 03:56 - 00000000 ____D C:\Users\Public\OEM
2017-01-13 11:26 - 2010-05-07 01:06 - 00000000 ____D C:\ProgramData\Symantec
2017-01-13 11:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2017-01-13 11:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-13 11:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-13 11:21 - 2015-06-20 04:01 - 00000000 ____D C:\Users\Franzi\AppData\Local\Dropbox
2017-01-13 11:21 - 2010-09-08 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-13 10:33 - 2011-02-18 03:24 - 00000000 ____D C:\Users\Franzi\AppData\Local\Google
2017-01-13 10:30 - 2011-02-18 03:21 - 00115432 _____ C:\Users\Franzi\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-02-18 04:30 - 2011-02-18 04:30 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-05-07 00:57 - 2010-01-27 15:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-02-23 12:34 - 2011-02-23 12:34 - 0005065 _____ () C:\ProgramData\xqkcebzs.dik
Einige Dateien in TEMP:
====================
2013-10-01 10:00 - 2017-01-13 11:26 - 0000000 ____D () C:\Users\Franzi\AppData\Local\Temp\avgnt.exe
2006-10-28 13:17 - 2006-10-28 13:17 - 0145184 ____R (Microsoft Corporation) C:\Users\Franzi\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-17 21:48
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-02-2017
durchgeführt von Franzi (12-02-2017 22:23:51)
Gestartet von E:\
Windows 7 Home Premium Service Pack 1 (X64) (2011-02-18 02:20:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1924580533-820736867-3977892425-500 - Administrator - Disabled)
Franzi (S-1-5-21-1924580533-820736867-3977892425-1000 - Administrator - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1924580533-820736867-3977892425-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1924580533-820736867-3977892425-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Reader X (10.0.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{28d41884-9b36-4f54-bed2-92863f08e65d}) (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
ccc-core-static (x32 Version: 2010.0122.858.16002 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
ChromecastApp (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.3.1.2 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.9.31 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Google Chrome (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM-x32\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need4 YouTube to MP3 Converter 5.6 (HKLM-x32\...\Need4 YouTube to MP3 Converter 5.6) (Version: 5.6 - Need4Video)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
softonic-Germany Toolbar (HKLM-x32\...\softonic-Germany Toolbar) (Version: 6.2.7.3 - softonic-Germany) <==== ACHTUNG
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\ChromeHTML: -> C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02BCD091-BE17-4A37-8695-F1FA83F7C47D} - System32\Tasks\{DE346BFB-5D6E-43E9-9FD3-20FBA2ED78B8} => C:\Users\Franzi\AppData\Local\Google\Chromecast\ChromecastApp.exe [2015-09-10] (Google)
Task: {167231FD-1E4D-4DEE-A06D-CF1664EB225F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {4C90583F-266F-4DA9-B923-ED370557ACE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {4EEE32F8-4637-44BA-A327-91AC8E5C3509} - System32\Tasks\Opera scheduled Autoupdate 1486848243 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-06] (Opera Software)
Task: {748B2551-D9F7-46E3-8582-9699DBE3A9E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core => C:\Users\Franzi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {75A645B8-83B3-42D1-BF26-D2EB99C717CD} - System32\Tasks\{B01F7A7A-1EFF-4FC5-AF9F-D0F4AD5C344D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {780AA989-0545-4B0F-A1F5-7A5EF03A11AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {8BCD9F8D-990A-4216-A650-14BDE6AEFECC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA => C:\Users\Franzi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {97A9CD2D-34CB-47DC-9B4E-63051D4A2285} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {B243C61E-D64E-4586-AB47-B8AE38B99ADB} - System32\Tasks\{0055CEA5-0FE6-4653-9441-85096AF83180} => C:\Users\Franzi\AppData\Local\Google\Chromecast\ChromecastApp.exe [2015-09-10] (Google)
Task: {DCB0EB2B-5128-42EF-B611-B8B51B26E9E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {E4C13A3F-880A-4642-8830-B346E3D54D40} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core.job => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA.job => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-02-22 17:54 - 2012-02-22 17:53 - 00246112 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2011-01-11 00:25 - 2011-01-11 00:25 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-08 17:50 - 2010-09-08 17:50 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00384512 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-09-27 16:42 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2015-09-27 16:42 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2011-01-17 16:19 - 2011-12-16 19:01 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-09-09 03:27 - 2009-05-20 23:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2011-01-11 00:25 - 2011-01-11 00:25 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 39820376 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_browser.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 45837912 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_child.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libglesv2.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [135]
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [278]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [130]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [136]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [145]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
08-06-2016 11:39:03 Windows Update
12-06-2016 03:49:50 Windows Update
15-06-2016 21:43:02 Windows Update
15-06-2016 21:56:26 Windows Update
13-01-2017 11:05:30 Windows Update
13-01-2017 11:17:23 Wiederherstellungsvorgang
07-02-2017 22:53:05 Installiert MyWinLocker Suite
11-02-2017 22:43:01 Entfernt MyWinLocker Suite
12-02-2017 00:52:51 Windows Update
12-02-2017 01:20:49 Windows Update
12-02-2017 19:22:46 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/12/2017 07:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13432
Error: (02/12/2017 07:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13432
Error: (02/12/2017 07:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/12/2017 07:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12386
Error: (02/12/2017 07:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12386
Error: (02/12/2017 07:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/12/2017 07:43:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11372
Error: (02/12/2017 07:43:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11372
Error: (02/12/2017 07:43:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/12/2017 07:43:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10374
Systemfehler:
=============
Error: (02/12/2017 10:18:29 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 10:07:49 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 10:02:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 10:01:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/12/2017 10:01:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetBT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/12/2017 09:59:48 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 09:58:27 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 09:57:46 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 09:57:23 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (02/12/2017 09:57:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
CodeIntegrity:
===================================
Date: 2017-02-12 22:21:34.049
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-12 22:01:10.128
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-12 22:01:10.128
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-12 22:01:09.909
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-12 19:28:00.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-12 19:19:53.526
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-12 19:18:50.049
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-12 19:18:49.815
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-12 19:17:11.535
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-12 19:17:11.332
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 3956.5 MB
Verfügbarer physikalischer RAM: 1016.35 MB
Summe virtueller Speicher: 7911.18 MB
Verfügbarer virtueller Speicher: 4993.59 MB
==================== Laufwerke ================================
Drive c: (ACER) (Fixed) (Total:452.48 GB) (Free:304.29 GB) NTFS
Drive e: () (Removable) (Total:0.98 GB) (Free:0.94 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: FA63FA63)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1008.8 MB) (Disk ID: 00B1E467)
Partition 1: (Active) - (Size=1009 MB) - (Type=06)
==================== Ende von Addition.txt ============================
|
|
14.02.2017, 12:04
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Win 7: Browser stellt nur noch bestimmte Seiten dar Hi,
__________________du hast da aber ganz schön viel Schrott drauf. Uralt-Programme und viele dieser kleinen Games, die nach Adware fast schon riechen  muss das alles sein?Außerdem ist da Avira drauf. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Wir deinstallieren jetzt erstmal Avira und anderen unnötige bzw veraltete Software ; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren! Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ |
|
14.02.2017, 21:27
| #3 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar Vielen Dank für die Antwort. Deinstallation ist erledigt.
__________________Nach Neustart sind die Seiten wieder erreichbar. Geändert von joooachim (14.02.2017 um 22:12 Uhr) |
|
15.02.2017, 12:43
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.02.2017, 22:12
| #5 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar Hallo Cosinus, ist erledigt - keine Funde. MBAR: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.02.15.07
rootkit: v2017.02.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Franzi :: FRANZI-PC [administrator]
15.02.2017 21:20:00
mbar-log-2017-02-15 (21-20-00).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 374063
Time elapsed: 43 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 22:04:41.0693 0x16e0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
22:04:45.0971 0x16e0 ============================================================
22:04:45.0971 0x16e0 Current date / time: 2017/02/15 22:04:45.0971
22:04:45.0971 0x16e0 SystemInfo:
22:04:45.0971 0x16e0
22:04:45.0971 0x16e0 OS Version: 6.1.7601 ServicePack: 1.0
22:04:45.0971 0x16e0 Product type: Workstation
22:04:45.0971 0x16e0 ComputerName: FRANZI-PC
22:04:45.0971 0x16e0 UserName: Franzi
22:04:45.0971 0x16e0 Windows directory: C:\Windows
22:04:45.0971 0x16e0 System windows directory: C:\Windows
22:04:45.0971 0x16e0 Running under WOW64
22:04:45.0972 0x16e0 Processor architecture: Intel x64
22:04:45.0972 0x16e0 Number of processors: 4
22:04:45.0972 0x16e0 Page size: 0x1000
22:04:45.0972 0x16e0 Boot type: Normal boot
22:04:45.0972 0x16e0 CodeIntegrityOptions = 0x00000001
22:04:45.0972 0x16e0 ============================================================
22:04:46.0175 0x16e0 KLMD registered as C:\Windows\system32\drivers\98912718.sys
22:04:46.0175 0x16e0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
22:04:46.0602 0x16e0 System UUID: {B7F51B95-038A-741E-F95A-BFB986DB2321}
22:04:47.0358 0x16e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:04:47.0363 0x16e0 ============================================================
22:04:47.0363 0x16e0 \Device\Harddisk0\DR0:
22:04:47.0364 0x16e0 MBR partitions:
22:04:47.0364 0x16e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A5E800, BlocksNum 0x32000
22:04:47.0364 0x16e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A90800, BlocksNum 0x388F5030
22:04:47.0364 0x16e0 ============================================================
22:04:47.0458 0x16e0 C: <-> \Device\Harddisk0\DR0\Partition2
22:04:47.0494 0x16e0 ============================================================
22:04:47.0495 0x16e0 Initialize success
22:04:47.0495 0x16e0 ============================================================
22:05:20.0177 0x062c ============================================================
22:05:20.0177 0x062c Scan started
22:05:20.0177 0x062c Mode: Manual; SigCheck; TDLFS;
22:05:20.0177 0x062c ============================================================
22:05:20.0177 0x062c KSN ping started
22:05:20.0407 0x062c KSN ping finished: true
22:05:21.0159 0x062c ================ Scan system memory ========================
22:05:21.0159 0x062c System memory - ok
22:05:21.0160 0x062c ================ Scan services =============================
22:05:21.0417 0x062c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:05:21.0565 0x062c 1394ohci - ok
22:05:21.0649 0x062c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:05:21.0689 0x062c ACPI - ok
22:05:21.0743 0x062c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:05:21.0808 0x062c AcpiPmi - ok
22:05:21.0881 0x062c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:05:21.0935 0x062c adp94xx - ok
22:05:21.0974 0x062c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:05:21.0996 0x062c adpahci - ok
22:05:22.0022 0x062c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:05:22.0038 0x062c adpu320 - ok
22:05:22.0077 0x062c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:05:22.0139 0x062c AeLookupSvc - ok
22:05:22.0239 0x062c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
22:05:22.0306 0x062c AFD - ok
22:05:22.0369 0x062c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
22:05:22.0395 0x062c agp440 - ok
22:05:22.0441 0x062c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
22:05:22.0478 0x062c ALG - ok
22:05:22.0538 0x062c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
22:05:22.0556 0x062c aliide - ok
22:05:22.0628 0x062c [ 3D90CF67DB75823A8480E56BBCD2E028, 775D58B99ACA606D434713BC00132D43061C37CFEEAECD194FCFDF45792944A3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:05:22.0672 0x062c AMD External Events Utility - ok
22:05:22.0733 0x062c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
22:05:22.0746 0x062c amdide - ok
22:05:22.0786 0x062c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:05:22.0829 0x062c AmdK8 - ok
22:05:23.0103 0x062c [ 52679612D742BF74CA1BA6AB86DDF431, 9D7A8FA8952519AD83CD36038F85B958BC97D1A25596EDC01CA1F6DD45DB542A ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
22:05:23.0461 0x062c amdkmdag - ok
22:05:23.0514 0x062c [ 414E0788920A8C856032BE2CBF29F984, 2DD027ADA24C871167C80A2F5C5ED5CB3AEA1E3A4E8C5FD352FA82C33B24479B ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:05:23.0569 0x062c amdkmdap - ok
22:05:23.0606 0x062c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:05:23.0653 0x062c AmdPPM - ok
22:05:23.0706 0x062c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:05:23.0722 0x062c amdsata - ok
22:05:23.0753 0x062c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:05:23.0772 0x062c amdsbs - ok
22:05:23.0790 0x062c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:05:23.0804 0x062c amdxata - ok
22:05:23.0858 0x062c [ 391887990CDAA83DE5C56C3FDE966DA1, BC55E21E03B3FE7BBDBB13D56AADB8FBA74F58521AC73B105AD9788E7AE18F0B ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
22:05:23.0896 0x062c AmUStor - ok
22:05:23.0957 0x062c [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
22:05:24.0003 0x062c AppID - ok
22:05:24.0009 0x062c [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:05:24.0053 0x062c AppIDSvc - ok
22:05:24.0088 0x062c [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
22:05:24.0129 0x062c Appinfo - ok
22:05:24.0278 0x062c [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:05:24.0299 0x062c Apple Mobile Device Service - ok
22:05:24.0338 0x062c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
22:05:24.0357 0x062c arc - ok
22:05:24.0380 0x062c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:05:24.0400 0x062c arcsas - ok
22:05:24.0535 0x062c [ 08FC11F6416923BBC614C28B4180E9A7, C829380F10E3EE92A38F2D59ED0D5B1D27B577021307E0C2C23EC901D0479006 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:05:24.0566 0x062c aspnet_state - ok
22:05:24.0597 0x062c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:24.0667 0x062c AsyncMac - ok
22:05:24.0713 0x062c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
22:05:24.0725 0x062c atapi - ok
22:05:24.0791 0x062c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
22:05:24.0824 0x062c AtiHdmiService - ok
22:05:24.0893 0x062c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:05:24.0969 0x062c AudioEndpointBuilder - ok
22:05:25.0006 0x062c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:05:25.0037 0x062c AudioSrv - ok
22:05:25.0109 0x062c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:05:25.0190 0x062c AxInstSV - ok
22:05:25.0268 0x062c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:05:25.0352 0x062c b06bdrv - ok
22:05:25.0437 0x062c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:05:25.0503 0x062c b57nd60a - ok
22:05:25.0666 0x062c [ FDE8C8DC07E75347E4C6B455A0964217, A5CFF5BDBE9989328269FB422A0DBE18CF9CA6974F530A6DE9BCF66A2B766A68 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
22:05:25.0840 0x062c BCM43XX - ok
22:05:25.0888 0x062c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
22:05:25.0915 0x062c BDESVC - ok
22:05:25.0958 0x062c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
22:05:26.0046 0x062c Beep - ok
22:05:26.0144 0x062c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
22:05:26.0213 0x062c BFE - ok
22:05:26.0291 0x062c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
22:05:26.0412 0x062c BITS - ok
22:05:26.0448 0x062c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:26.0504 0x062c blbdrive - ok
22:05:26.0598 0x062c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:05:26.0627 0x062c Bonjour Service - ok
22:05:26.0682 0x062c [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:05:26.0750 0x062c bowser - ok
22:05:26.0792 0x062c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:05:26.0887 0x062c BrFiltLo - ok
22:05:26.0918 0x062c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:05:26.0985 0x062c BrFiltUp - ok
22:05:27.0057 0x062c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
22:05:27.0113 0x062c Browser - ok
22:05:27.0166 0x062c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:05:27.0224 0x062c Brserid - ok
22:05:27.0246 0x062c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:27.0285 0x062c BrSerWdm - ok
22:05:27.0315 0x062c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:27.0372 0x062c BrUsbMdm - ok
22:05:27.0400 0x062c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:27.0448 0x062c BrUsbSer - ok
22:05:27.0483 0x062c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:27.0521 0x062c BTHMODEM - ok
22:05:27.0583 0x062c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
22:05:27.0662 0x062c bthserv - ok
22:05:27.0689 0x062c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:05:27.0750 0x062c cdfs - ok
22:05:27.0816 0x062c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:05:27.0872 0x062c cdrom - ok
22:05:27.0938 0x062c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
22:05:27.0992 0x062c CertPropSvc - ok
22:05:28.0018 0x062c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:05:28.0063 0x062c circlass - ok
22:05:28.0120 0x062c [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
22:05:28.0150 0x062c CLFS - ok
22:05:28.0234 0x062c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:28.0259 0x062c clr_optimization_v2.0.50727_32 - ok
22:05:28.0333 0x062c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:05:28.0361 0x062c clr_optimization_v2.0.50727_64 - ok
22:05:28.0448 0x062c [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:05:28.0481 0x062c clr_optimization_v4.0.30319_32 - ok
22:05:28.0503 0x062c [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:05:28.0519 0x062c clr_optimization_v4.0.30319_64 - ok
22:05:28.0560 0x062c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:05:28.0573 0x062c CmBatt - ok
22:05:28.0598 0x062c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:05:28.0610 0x062c cmdide - ok
22:05:28.0669 0x062c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
22:05:28.0707 0x062c CNG - ok
22:05:28.0743 0x062c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:05:28.0754 0x062c Compbatt - ok
22:05:28.0802 0x062c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:05:28.0833 0x062c CompositeBus - ok
22:05:28.0845 0x062c COMSysApp - ok
22:05:28.0863 0x062c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:05:28.0876 0x062c crcdisk - ok
22:05:28.0936 0x062c [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:05:28.0988 0x062c CryptSvc - ok
22:05:29.0055 0x062c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
22:05:29.0104 0x062c DcomLaunch - ok
22:05:29.0143 0x062c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
22:05:29.0213 0x062c defragsvc - ok
22:05:29.0238 0x062c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:05:29.0287 0x062c DfsC - ok
22:05:29.0356 0x062c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:05:29.0416 0x062c Dhcp - ok
22:05:29.0559 0x062c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
22:05:29.0674 0x062c DiagTrack - ok
22:05:29.0711 0x062c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
22:05:29.0774 0x062c discache - ok
22:05:29.0839 0x062c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
22:05:29.0867 0x062c Disk - ok
22:05:29.0908 0x062c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:05:29.0944 0x062c Dnscache - ok
22:05:29.0993 0x062c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
22:05:30.0083 0x062c dot3svc - ok
22:05:30.0122 0x062c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
22:05:30.0186 0x062c DPS - ok
22:05:30.0248 0x062c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:05:30.0273 0x062c drmkaud - ok
22:05:30.0371 0x062c [ E2B2853A0210D6EDAB2261870BD80C1A, BAC20DFFCFD8C324BC5B9CDA7BAFD553BBA8E3ED9224FDCF471357A456AC0A61 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:05:30.0403 0x062c DsiWMIService - ok
22:05:30.0513 0x062c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:05:30.0568 0x062c DXGKrnl - ok
22:05:30.0623 0x062c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
22:05:30.0721 0x062c EapHost - ok
22:05:30.0890 0x062c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:05:31.0084 0x062c ebdrv - ok
22:05:31.0149 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS C:\Windows\System32\lsass.exe
22:05:31.0188 0x062c EFS - ok
22:05:31.0286 0x062c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:05:31.0377 0x062c ehRecvr - ok
22:05:31.0421 0x062c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
22:05:31.0468 0x062c ehSched - ok
22:05:31.0539 0x062c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:05:31.0576 0x062c elxstor - ok
22:05:31.0686 0x062c [ 09DDC2D4724A4FF844F738B60E63D872, 698F4BFABD6A5F822B40EC81413702BC6F04B49B5DF4DECE844AFC27E3FAE28D ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:05:31.0717 0x062c ePowerSvc - ok
22:05:31.0752 0x062c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:05:31.0778 0x062c ErrDev - ok
22:05:31.0859 0x062c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
22:05:31.0950 0x062c EventSystem - ok
22:05:32.0050 0x062c [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
22:05:32.0128 0x062c ewusbmbb - ok
22:05:32.0179 0x062c [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
22:05:32.0223 0x062c ew_hwusbdev - ok
22:05:32.0271 0x062c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
22:05:32.0353 0x062c exfat - ok
22:05:32.0380 0x062c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:05:32.0448 0x062c fastfat - ok
22:05:32.0524 0x062c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
22:05:32.0592 0x062c Fax - ok
22:05:32.0625 0x062c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:05:32.0665 0x062c fdc - ok
22:05:32.0701 0x062c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
22:05:32.0807 0x062c fdPHost - ok
22:05:32.0832 0x062c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
22:05:32.0913 0x062c FDResPub - ok
22:05:32.0948 0x062c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:05:32.0960 0x062c FileInfo - ok
22:05:32.0994 0x062c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:05:33.0055 0x062c Filetrace - ok
22:05:33.0078 0x062c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:05:33.0111 0x062c flpydisk - ok
22:05:33.0161 0x062c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:05:33.0183 0x062c FltMgr - ok
22:05:33.0286 0x062c [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
22:05:33.0379 0x062c FontCache - ok
22:05:33.0452 0x062c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:05:33.0461 0x062c FontCache3.0.0.0 - ok
22:05:33.0491 0x062c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:05:33.0502 0x062c FsDepends - ok
22:05:33.0547 0x062c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:05:33.0558 0x062c Fs_Rec - ok
22:05:33.0618 0x062c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:05:33.0637 0x062c fvevol - ok
22:05:33.0664 0x062c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:05:33.0676 0x062c gagp30kx - ok
22:05:33.0718 0x062c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:05:33.0726 0x062c GEARAspiWDM - ok
22:05:33.0803 0x062c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
22:05:33.0845 0x062c gpsvc - detected UnsignedFile.Multi.Generic ( 1 )
22:05:34.0108 0x062c Detect skipped due to KSN trusted
22:05:34.0108 0x062c gpsvc - ok
22:05:34.0209 0x062c [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
22:05:34.0223 0x062c GREGService - ok
22:05:34.0336 0x062c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0364 0x062c gupdate - ok
22:05:34.0425 0x062c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0450 0x062c gupdatem - ok
22:05:34.0499 0x062c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:05:34.0513 0x062c gusvc - ok
22:05:34.0540 0x062c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:05:34.0595 0x062c hcw85cir - ok
22:05:34.0694 0x062c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:05:34.0750 0x062c HdAudAddService - ok
22:05:34.0813 0x062c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:05:34.0861 0x062c HDAudBus - ok
22:05:34.0901 0x062c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:05:34.0922 0x062c HECIx64 - ok
22:05:34.0956 0x062c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:05:34.0993 0x062c HidBatt - ok
22:05:35.0019 0x062c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:05:35.0059 0x062c HidBth - ok
22:05:35.0100 0x062c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:05:35.0144 0x062c HidIr - ok
22:05:35.0179 0x062c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
22:05:35.0232 0x062c hidserv - ok
22:05:35.0274 0x062c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:05:35.0289 0x062c HidUsb - ok
22:05:35.0337 0x062c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:05:35.0418 0x062c hkmsvc - ok
22:05:35.0460 0x062c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:05:35.0500 0x062c HomeGroupListener - ok
22:05:35.0539 0x062c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:05:35.0593 0x062c HomeGroupProvider - ok
22:05:35.0654 0x062c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:05:35.0682 0x062c HpSAMD - ok
22:05:35.0754 0x062c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:05:35.0826 0x062c HTTP - ok
22:05:35.0887 0x062c [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:05:35.0923 0x062c huawei_enumerator - ok
22:05:36.0008 0x062c [ 4B80AF36EE9F31361C1DCB2EE563719A, 6729ABDFBADA03DF0EBC71B4A898951B797B9640E718D42B9669A0396F1BE730 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:05:36.0056 0x062c hwdatacard - ok
22:05:36.0170 0x062c [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
22:05:36.0195 0x062c HWDeviceService64.exe - ok
22:05:36.0235 0x062c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:05:36.0247 0x062c hwpolicy - ok
22:05:36.0308 0x062c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:05:36.0334 0x062c i8042prt - ok
22:05:36.0402 0x062c [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:05:36.0429 0x062c iaStor - ok
22:05:36.0476 0x062c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:05:36.0502 0x062c iaStorV - ok
22:05:36.0638 0x062c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:05:36.0649 0x062c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:05:36.0773 0x062c Detect skipped due to KSN trusted
22:05:36.0773 0x062c IDriverT - ok
22:05:36.0872 0x062c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:05:36.0929 0x062c idsvc - ok
22:05:36.0972 0x062c IEEtwCollectorService - ok
22:05:37.0371 0x062c [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:05:37.0714 0x062c igfx - ok
22:05:37.0767 0x062c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:05:37.0778 0x062c iirsp - ok
22:05:37.0865 0x062c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
22:05:37.0935 0x062c IKEEXT - ok
22:05:38.0073 0x062c [ 53019327813FF5AB2964B33B2C61307C, DFE61235DA59E4AD122201F0054E6073A9538764DD4FD18A11588949089FFBA9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:05:38.0189 0x062c IntcAzAudAddService - ok
22:05:38.0225 0x062c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
22:05:38.0235 0x062c intelide - ok
22:05:38.0274 0x062c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:05:38.0314 0x062c intelppm - ok
22:05:38.0352 0x062c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:05:38.0430 0x062c IPBusEnum - ok
22:05:38.0462 0x062c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:38.0523 0x062c IpFilterDriver - ok
22:05:38.0594 0x062c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:05:38.0666 0x062c iphlpsvc - ok
22:05:38.0711 0x062c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:05:38.0746 0x062c IPMIDRV - ok
22:05:38.0783 0x062c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:05:38.0849 0x062c IPNAT - ok
22:05:38.0936 0x062c [ 7C109F2155E962A5700165D9AD6868FD, 85F595EFADBA4604C70FB9DBD24D872EB91F7D384D26EA82CFC8754559453026 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:05:38.0970 0x062c iPod Service - ok
22:05:39.0002 0x062c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:05:39.0047 0x062c IRENUM - ok
22:05:39.0112 0x062c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:05:39.0134 0x062c isapnp - ok
22:05:39.0175 0x062c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:05:39.0197 0x062c iScsiPrt - ok
22:05:39.0244 0x062c [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
22:05:39.0262 0x062c k57nd60a - ok
22:05:39.0285 0x062c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:05:39.0298 0x062c kbdclass - ok
22:05:39.0353 0x062c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:05:39.0385 0x062c kbdhid - ok
22:05:39.0415 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso C:\Windows\system32\lsass.exe
22:05:39.0435 0x062c KeyIso - ok
22:05:39.0473 0x062c [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:05:39.0494 0x062c KSecDD - ok
22:05:39.0536 0x062c [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:05:39.0561 0x062c KSecPkg - ok
22:05:39.0598 0x062c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:05:39.0647 0x062c ksthunk - ok
22:05:39.0690 0x062c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
22:05:39.0767 0x062c KtmRm - ok
22:05:39.0817 0x062c [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
22:05:39.0844 0x062c L1E - ok
22:05:39.0888 0x062c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:05:39.0969 0x062c LanmanServer - ok
22:05:40.0003 0x062c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:05:40.0064 0x062c LanmanWorkstation - ok
22:05:40.0107 0x062c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:05:40.0186 0x062c lltdio - ok
22:05:40.0233 0x062c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:05:40.0286 0x062c lltdsvc - ok
22:05:40.0314 0x062c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:05:40.0390 0x062c lmhosts - ok
22:05:40.0497 0x062c [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:05:40.0521 0x062c LMS - ok
22:05:40.0557 0x062c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:05:40.0572 0x062c LSI_FC - ok
22:05:40.0592 0x062c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:05:40.0607 0x062c LSI_SAS - ok
22:05:40.0622 0x062c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:05:40.0635 0x062c LSI_SAS2 - ok
22:05:40.0655 0x062c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:05:40.0669 0x062c LSI_SCSI - ok
22:05:40.0685 0x062c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
22:05:40.0756 0x062c luafv - ok
22:05:40.0794 0x062c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:05:40.0812 0x062c Mcx2Svc - ok
22:05:40.0845 0x062c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:05:40.0869 0x062c megasas - ok
22:05:40.0901 0x062c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:05:40.0922 0x062c MegaSR - ok
22:05:40.0959 0x062c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
22:05:41.0017 0x062c MMCSS - ok
22:05:41.0131 0x062c [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
22:05:41.0166 0x062c Mobile Partner. RunOuc - ok
22:05:41.0196 0x062c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
22:05:41.0254 0x062c Modem - ok
22:05:41.0291 0x062c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:05:41.0340 0x062c monitor - ok
22:05:41.0374 0x062c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:05:41.0388 0x062c mouclass - ok
22:05:41.0424 0x062c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:05:41.0440 0x062c mouhid - ok
22:05:41.0474 0x062c [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:05:41.0491 0x062c mountmgr - ok
22:05:41.0517 0x062c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:05:41.0532 0x062c mpio - ok
22:05:41.0552 0x062c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:05:41.0609 0x062c mpsdrv - ok
22:05:41.0685 0x062c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:05:41.0766 0x062c MpsSvc - ok
22:05:41.0813 0x062c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:05:41.0857 0x062c MRxDAV - ok
22:05:41.0908 0x062c [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:41.0956 0x062c mrxsmb - ok
22:05:41.0989 0x062c [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:42.0028 0x062c mrxsmb10 - ok
22:05:42.0070 0x062c [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:42.0108 0x062c mrxsmb20 - ok
22:05:42.0145 0x062c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
22:05:42.0157 0x062c msahci - ok
22:05:42.0207 0x062c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:05:42.0237 0x062c msdsm - ok
22:05:42.0258 0x062c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
22:05:42.0298 0x062c MSDTC - ok
22:05:42.0337 0x062c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:05:42.0404 0x062c Msfs - ok
22:05:42.0439 0x062c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:05:42.0505 0x062c mshidkmdf - ok
22:05:42.0538 0x062c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:05:42.0550 0x062c msisadrv - ok
22:05:42.0576 0x062c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:05:42.0664 0x062c MSiSCSI - ok
22:05:42.0668 0x062c msiserver - ok
22:05:42.0734 0x062c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:05:42.0787 0x062c MSKSSRV - ok
22:05:42.0812 0x062c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:42.0852 0x062c MSPCLOCK - ok
22:05:42.0871 0x062c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:05:42.0927 0x062c MSPQM - ok
22:05:42.0966 0x062c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:05:42.0986 0x062c MsRPC - ok
22:05:43.0026 0x062c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:05:43.0038 0x062c mssmbios - ok
22:05:43.0067 0x062c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:05:43.0145 0x062c MSTEE - ok
22:05:43.0170 0x062c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:05:43.0213 0x062c MTConfig - ok
22:05:43.0251 0x062c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
22:05:43.0273 0x062c Mup - ok
22:05:43.0328 0x062c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
22:05:43.0409 0x062c napagent - ok
22:05:43.0471 0x062c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:05:43.0546 0x062c NativeWifiP - ok
22:05:43.0612 0x062c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:05:43.0677 0x062c NDIS - ok
22:05:43.0715 0x062c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:43.0800 0x062c NdisCap - ok
22:05:43.0828 0x062c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:43.0888 0x062c NdisTapi - ok
22:05:43.0958 0x062c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:44.0039 0x062c Ndisuio - ok
22:05:44.0079 0x062c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:44.0161 0x062c NdisWan - ok
22:05:44.0187 0x062c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:05:44.0243 0x062c NDProxy - ok
22:05:44.0298 0x062c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:05:44.0356 0x062c NetBIOS - ok
22:05:44.0387 0x062c [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:05:44.0419 0x062c NetBT - detected UnsignedFile.Multi.Generic ( 1 )
22:05:44.0549 0x062c Detect skipped due to KSN trusted
22:05:44.0549 0x062c NetBT - ok
22:05:44.0592 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon C:\Windows\system32\lsass.exe
22:05:44.0620 0x062c Netlogon - ok
22:05:44.0677 0x062c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
22:05:44.0763 0x062c Netman - ok
22:05:44.0821 0x062c [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:44.0855 0x062c NetMsmqActivator - ok
22:05:44.0899 0x062c [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:44.0928 0x062c NetPipeActivator - ok
22:05:44.0975 0x062c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
22:05:45.0030 0x062c netprofm - ok
22:05:45.0042 0x062c [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:45.0058 0x062c NetTcpActivator - ok
22:05:45.0064 0x062c [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:45.0080 0x062c NetTcpPortSharing - ok
22:05:45.0120 0x062c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:05:45.0133 0x062c nfrd960 - ok
22:05:45.0181 0x062c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:05:45.0232 0x062c NlaSvc - ok
22:05:45.0252 0x062c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:05:45.0295 0x062c Npfs - ok
22:05:45.0312 0x062c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
22:05:45.0369 0x062c nsi - ok
22:05:45.0389 0x062c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:05:45.0462 0x062c nsiproxy - ok
22:05:45.0570 0x062c [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:05:45.0650 0x062c Ntfs - ok
22:05:45.0732 0x062c [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
22:05:45.0766 0x062c NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:05:45.0885 0x062c Detect skipped due to KSN trusted
22:05:45.0885 0x062c NTI IScheduleSvc - ok
22:05:45.0941 0x062c [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
22:05:45.0961 0x062c NTIBackupSvc - ok
22:05:45.0990 0x062c [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
22:05:45.0999 0x062c NTIDrvr - ok
22:05:46.0047 0x062c [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
22:05:46.0144 0x062c NTISchedulerSvc - ok
22:05:46.0167 0x062c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
22:05:46.0239 0x062c Null - ok
22:05:46.0296 0x062c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:05:46.0325 0x062c nvraid - ok
22:05:46.0374 0x062c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:05:46.0400 0x062c nvstor - ok
22:05:46.0454 0x062c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:05:46.0485 0x062c nv_agp - ok
22:05:46.0572 0x062c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:05:46.0608 0x062c odserv - ok
22:05:46.0648 0x062c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:05:46.0678 0x062c ohci1394 - ok
22:05:46.0713 0x062c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:46.0727 0x062c ose - ok
22:05:46.0757 0x062c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:05:46.0797 0x062c p2pimsvc - ok
22:05:46.0837 0x062c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
22:05:46.0889 0x062c p2psvc - ok
22:05:46.0928 0x062c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:05:46.0967 0x062c Parport - ok
22:05:47.0009 0x062c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:05:47.0025 0x062c partmgr - ok
22:05:47.0067 0x062c [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
22:05:47.0107 0x062c PcaSvc - ok
22:05:47.0152 0x062c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
22:05:47.0179 0x062c pci - ok
22:05:47.0203 0x062c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
22:05:47.0215 0x062c pciide - ok
22:05:47.0253 0x062c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:05:47.0271 0x062c pcmcia - ok
22:05:47.0295 0x062c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
22:05:47.0308 0x062c pcw - ok
22:05:47.0376 0x062c [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:05:47.0441 0x062c PEAUTH - ok
22:05:47.0542 0x062c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:05:47.0590 0x062c PerfHost - ok
22:05:47.0712 0x062c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
22:05:47.0866 0x062c pla - ok
22:05:47.0936 0x062c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:05:47.0983 0x062c PlugPlay - ok
22:05:48.0003 0x062c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:05:48.0035 0x062c PNRPAutoReg - ok
22:05:48.0068 0x062c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:05:48.0091 0x062c PNRPsvc - ok
22:05:48.0146 0x062c [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:05:48.0206 0x062c PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
22:05:48.0388 0x062c Detect skipped due to KSN trusted
22:05:48.0388 0x062c PolicyAgent - ok
22:05:48.0429 0x062c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
22:05:48.0496 0x062c Power - ok
22:05:48.0536 0x062c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:05:48.0582 0x062c PptpMiniport - ok
22:05:48.0629 0x062c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:05:48.0673 0x062c Processor - ok
22:05:48.0737 0x062c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
22:05:48.0789 0x062c ProfSvc - ok
22:05:48.0804 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
22:05:48.0819 0x062c ProtectedStorage - ok
22:05:48.0870 0x062c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:05:48.0933 0x062c Psched - ok
22:05:49.0036 0x062c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:05:49.0142 0x062c ql2300 - ok
22:05:49.0177 0x062c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:05:49.0191 0x062c ql40xx - ok
22:05:49.0228 0x062c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
22:05:49.0254 0x062c QWAVE - ok
22:05:49.0269 0x062c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:05:49.0309 0x062c QWAVEdrv - ok
22:05:49.0338 0x062c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:05:49.0393 0x062c RasAcd - ok
22:05:49.0432 0x062c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:49.0479 0x062c RasAgileVpn - ok
22:05:49.0518 0x062c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
22:05:49.0598 0x062c RasAuto - ok
22:05:49.0645 0x062c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:49.0704 0x062c Rasl2tp - ok
22:05:49.0750 0x062c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
22:05:49.0820 0x062c RasMan - ok
22:05:49.0849 0x062c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:49.0906 0x062c RasPppoe - ok
22:05:49.0938 0x062c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:05:50.0003 0x062c RasSstp - ok
22:05:50.0069 0x062c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:05:50.0184 0x062c rdbss - ok
22:05:50.0209 0x062c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:05:50.0250 0x062c rdpbus - ok
22:05:50.0281 0x062c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:50.0335 0x062c RDPCDD - ok
22:05:50.0344 0x062c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:05:50.0397 0x062c RDPENCDD - ok
22:05:50.0431 0x062c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:05:50.0489 0x062c RDPREFMP - ok
22:05:50.0522 0x062c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:05:50.0560 0x062c RDPWD - ok
22:05:50.0606 0x062c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:05:50.0634 0x062c rdyboost - ok
22:05:50.0672 0x062c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:05:50.0744 0x062c RemoteAccess - ok
22:05:50.0772 0x062c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:05:50.0840 0x062c RemoteRegistry - ok
22:05:50.0859 0x062c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:05:50.0926 0x062c RpcEptMapper - ok
22:05:50.0967 0x062c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
22:05:51.0014 0x062c RpcLocator - ok
22:05:51.0076 0x062c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
22:05:51.0111 0x062c RpcSs - ok
22:05:51.0144 0x062c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:05:51.0204 0x062c rspndr - ok
22:05:51.0226 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs C:\Windows\system32\lsass.exe
22:05:51.0238 0x062c SamSs - ok
22:05:51.0272 0x062c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:05:51.0286 0x062c sbp2port - ok
22:05:51.0309 0x062c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:05:51.0357 0x062c SCardSvr - ok
22:05:51.0397 0x062c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:05:51.0436 0x062c scfilter - ok
22:05:51.0532 0x062c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
22:05:51.0622 0x062c Schedule - ok
22:05:51.0657 0x062c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:05:51.0702 0x062c SCPolicySvc - ok
22:05:51.0750 0x062c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:05:51.0792 0x062c SDRSVC - ok
22:05:51.0828 0x062c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:05:51.0862 0x062c secdrv - ok
22:05:51.0903 0x062c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
22:05:51.0940 0x062c seclogon - ok
22:05:51.0978 0x062c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
22:05:52.0061 0x062c SENS - ok
22:05:52.0078 0x062c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:05:52.0115 0x062c SensrSvc - ok
22:05:52.0150 0x062c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:05:52.0189 0x062c Serenum - ok
22:05:52.0221 0x062c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:05:52.0260 0x062c Serial - ok
22:05:52.0322 0x062c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:05:52.0357 0x062c sermouse - ok
22:05:52.0409 0x062c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
22:05:52.0492 0x062c SessionEnv - ok
22:05:52.0551 0x062c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:05:52.0568 0x062c sffdisk - ok
22:05:52.0580 0x062c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:05:52.0625 0x062c sffp_mmc - ok
22:05:52.0645 0x062c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:05:52.0695 0x062c sffp_sd - ok
22:05:52.0724 0x062c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:05:52.0758 0x062c sfloppy - ok
22:05:52.0804 0x062c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:05:52.0884 0x062c SharedAccess - ok
22:05:52.0928 0x062c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:05:52.0994 0x062c ShellHWDetection - ok
22:05:53.0024 0x062c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:05:53.0036 0x062c SiSRaid2 - ok
22:05:53.0065 0x062c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:05:53.0078 0x062c SiSRaid4 - ok
22:05:53.0187 0x062c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:05:53.0224 0x062c SkypeUpdate - ok
22:05:53.0244 0x062c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:05:53.0286 0x062c Smb - ok
22:05:53.0338 0x062c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:05:53.0363 0x062c SNMPTRAP - ok
22:05:53.0384 0x062c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
22:05:53.0401 0x062c spldr - ok
22:05:53.0474 0x062c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
22:05:53.0542 0x062c Spooler - ok
22:05:53.0709 0x062c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
22:05:53.0948 0x062c sppsvc - ok
22:05:53.0986 0x062c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:05:54.0051 0x062c sppuinotify - ok
22:05:54.0104 0x062c [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:05:54.0151 0x062c srv - ok
22:05:54.0166 0x062c [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:05:54.0191 0x062c srv2 - ok
22:05:54.0222 0x062c [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:05:54.0256 0x062c srvnet - ok
22:05:54.0299 0x062c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:05:54.0376 0x062c SSDPSRV - ok
22:05:54.0406 0x062c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:05:54.0465 0x062c SstpSvc - ok
22:05:54.0502 0x062c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:05:54.0525 0x062c stexstor - ok
22:05:54.0613 0x062c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
22:05:54.0701 0x062c stisvc - ok
22:05:54.0745 0x062c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
22:05:54.0761 0x062c swenum - ok
22:05:54.0808 0x062c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
22:05:54.0908 0x062c swprv - ok
22:05:54.0978 0x062c [ ED6D1424E5B0C21A57B28DD8508D6843, EF3BBBBD376F22520060BC6D637CDF79E2D8B43A95E746FC1463E7CDC407C2D9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:05:55.0005 0x062c SynTP - ok
22:05:55.0111 0x062c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
22:05:55.0210 0x062c SysMain - ok
22:05:55.0250 0x062c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:05:55.0315 0x062c TabletInputService - ok
22:05:55.0346 0x062c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:05:55.0414 0x062c TapiSrv - ok
22:05:55.0560 0x062c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:05:55.0682 0x062c Tcpip - ok
22:05:55.0807 0x062c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:05:55.0870 0x062c TCPIP6 - ok
22:05:55.0896 0x062c [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:05:55.0910 0x062c tcpipreg - ok
22:05:55.0956 0x062c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:05:55.0978 0x062c TDPIPE - ok
22:05:56.0017 0x062c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:05:56.0057 0x062c TDTCP - ok
22:05:56.0094 0x062c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:05:56.0141 0x062c tdx - ok
22:05:56.0201 0x062c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
22:05:56.0228 0x062c TermDD - ok
22:05:56.0326 0x062c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
22:05:56.0361 0x062c TermService - ok
22:05:56.0397 0x062c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
22:05:56.0439 0x062c Themes - ok
22:05:56.0471 0x062c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
22:05:56.0531 0x062c THREADORDER - ok
22:05:56.0616 0x062c [ 0A62A2153A8D8C6EB00AB969764A90D6, 3A620DCCD237700162B03BA2E0F57BBF29A020B70FADFBF13CCF37EEFD358313 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
22:05:56.0638 0x062c TomTomHOMEService - ok
22:05:56.0676 0x062c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
22:05:56.0751 0x062c TrkWks - ok
22:05:56.0824 0x062c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:05:56.0910 0x062c TrustedInstaller - ok
22:05:56.0957 0x062c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:05:56.0997 0x062c tssecsrv - ok
22:05:57.0076 0x062c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:05:57.0103 0x062c TsUsbFlt - ok
22:05:57.0159 0x062c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:05:57.0217 0x062c tunnel - ok
22:05:57.0240 0x062c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:05:57.0253 0x062c uagp35 - ok
22:05:57.0293 0x062c [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
22:05:57.0302 0x062c UBHelper - ok
22:05:57.0344 0x062c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:05:57.0417 0x062c udfs - ok
22:05:57.0462 0x062c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:05:57.0492 0x062c UI0Detect - ok
22:05:57.0515 0x062c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:05:57.0528 0x062c uliagpkx - ok
22:05:57.0572 0x062c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
22:05:57.0588 0x062c umbus - ok
22:05:57.0621 0x062c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:05:57.0634 0x062c UmPass - ok
22:05:57.0842 0x062c [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:05:57.0907 0x062c UNS - ok
22:05:57.0996 0x062c [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:05:58.0025 0x062c Updater Service - ok
22:05:58.0064 0x062c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
22:05:58.0149 0x062c upnphost - ok
22:05:58.0201 0x062c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:05:58.0224 0x062c USBAAPL64 - ok
22:05:58.0261 0x062c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
22:05:58.0300 0x062c usbccgp - ok
22:05:58.0334 0x062c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:05:58.0381 0x062c usbcir - ok
22:05:58.0417 0x062c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:05:58.0432 0x062c usbehci - ok
22:05:58.0475 0x062c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
22:05:58.0517 0x062c usbhub - ok
22:05:58.0552 0x062c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:05:58.0598 0x062c usbohci - ok
22:05:58.0638 0x062c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:05:58.0687 0x062c usbprint - ok
22:05:58.0733 0x062c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:05:58.0776 0x062c USBSTOR - ok
22:05:58.0823 0x062c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:05:58.0870 0x062c usbuhci - ok
22:05:58.0940 0x062c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:05:58.0991 0x062c usbvideo - ok
22:05:59.0024 0x062c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
22:05:59.0117 0x062c UxSms - ok
22:05:59.0136 0x062c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc C:\Windows\system32\lsass.exe
22:05:59.0149 0x062c VaultSvc - ok
22:05:59.0226 0x062c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:05:59.0246 0x062c vdrvroot - ok
22:05:59.0326 0x062c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
22:05:59.0432 0x062c vds - ok
22:05:59.0462 0x062c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:05:59.0513 0x062c vga - ok
22:05:59.0534 0x062c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:05:59.0607 0x062c VgaSave - ok
22:05:59.0650 0x062c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:05:59.0684 0x062c vhdmp - ok
22:05:59.0721 0x062c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
22:05:59.0732 0x062c viaide - ok
22:05:59.0793 0x062c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:05:59.0818 0x062c volmgr - ok
22:05:59.0878 0x062c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:05:59.0928 0x062c volmgrx - ok
22:05:59.0947 0x062c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:05:59.0967 0x062c volsnap - ok
22:06:00.0011 0x062c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:00.0043 0x062c vsmraid - ok
22:06:00.0146 0x062c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
22:06:00.0272 0x062c VSS - ok
22:06:00.0297 0x062c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:06:00.0313 0x062c vwifibus - ok
22:06:00.0337 0x062c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:06:00.0378 0x062c vwififlt - ok
22:06:00.0423 0x062c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
22:06:00.0491 0x062c W32Time - ok
22:06:00.0514 0x062c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:06:00.0542 0x062c WacomPen - ok
22:06:00.0590 0x062c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:06:00.0675 0x062c WANARP - ok
22:06:00.0680 0x062c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:06:00.0719 0x062c Wanarpv6 - ok
22:06:00.0824 0x062c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
22:06:00.0936 0x062c wbengine - ok
22:06:00.0986 0x062c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:06:01.0037 0x062c WbioSrvc - ok
22:06:01.0089 0x062c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:06:01.0148 0x062c wcncsvc - ok
22:06:01.0172 0x062c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:06:01.0187 0x062c WcsPlugInService - ok
22:06:01.0232 0x062c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:06:01.0244 0x062c Wd - ok
22:06:01.0308 0x062c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:06:01.0360 0x062c Wdf01000 - ok
22:06:01.0397 0x062c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:06:01.0444 0x062c WdiServiceHost - ok
22:06:01.0452 0x062c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:06:01.0469 0x062c WdiSystemHost - ok
22:06:01.0510 0x062c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
22:06:01.0532 0x062c WebClient - ok
22:06:01.0588 0x062c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:06:01.0681 0x062c Wecsvc - ok
22:06:01.0704 0x062c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:06:01.0746 0x062c wercplsupport - ok
22:06:01.0779 0x062c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
22:06:01.0824 0x062c WerSvc - ok
22:06:01.0857 0x062c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:01.0900 0x062c WfpLwf - ok
22:06:01.0920 0x062c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:06:01.0931 0x062c WIMMount - ok
22:06:01.0958 0x062c WinDefend - ok
22:06:01.0971 0x062c WinHttpAutoProxySvc - ok
22:06:02.0048 0x062c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:06:02.0141 0x062c Winmgmt - ok
22:06:02.0257 0x062c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
22:06:02.0396 0x062c WinRM - ok
22:06:02.0448 0x062c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
22:06:02.0465 0x062c WinUsb - ok
22:06:02.0544 0x062c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:06:02.0637 0x062c Wlansvc - ok
22:06:02.0686 0x062c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:06:02.0723 0x062c WmiAcpi - ok
22:06:02.0766 0x062c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:06:02.0789 0x062c wmiApSrv - ok
22:06:02.0825 0x062c WMPNetworkSvc - ok
22:06:02.0841 0x062c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:06:02.0874 0x062c WPCSvc - ok
22:06:02.0913 0x062c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:06:02.0935 0x062c WPDBusEnum - ok
22:06:02.0969 0x062c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:06:03.0056 0x062c ws2ifsl - ok
22:06:03.0104 0x062c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
22:06:03.0142 0x062c wscsvc - ok
22:06:03.0146 0x062c WSearch - ok
22:06:03.0289 0x062c [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
22:06:03.0409 0x062c wuauserv - ok
22:06:03.0452 0x062c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:06:03.0467 0x062c WudfPf - ok
22:06:03.0507 0x062c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:03.0542 0x062c WUDFRd - ok
22:06:03.0582 0x062c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:06:03.0629 0x062c wudfsvc - ok
22:06:03.0670 0x062c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
22:06:03.0717 0x062c WwanSvc - ok
22:06:03.0771 0x062c ================ Scan global ===============================
22:06:03.0805 0x062c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:06:03.0852 0x062c [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
22:06:03.0885 0x062c [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
22:06:03.0928 0x062c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:06:03.0991 0x062c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:06:04.0023 0x062c [ Global ] - ok
22:06:04.0024 0x062c ================ Scan MBR ==================================
22:06:04.0047 0x062c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:06:04.0476 0x062c \Device\Harddisk0\DR0 - ok
22:06:04.0477 0x062c ================ Scan VBR ==================================
22:06:04.0481 0x062c [ A824A0D943ACBCE3F294E45521E9E328 ] \Device\Harddisk0\DR0\Partition1
22:06:04.0484 0x062c \Device\Harddisk0\DR0\Partition1 - ok
22:06:04.0489 0x062c [ 5322B678C6A131046E9E9E19E7A090AD ] \Device\Harddisk0\DR0\Partition2
22:06:04.0492 0x062c \Device\Harddisk0\DR0\Partition2 - ok
22:06:04.0493 0x062c ================ Scan generic autorun ======================
22:06:04.0581 0x062c [ E19B41A5537C96D577DD796439DDDC29, 0B3DCD531207F13A677EEF46FF04C9FABA36308BC3F1041EE624FD946CAB0E10 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
22:06:04.0609 0x062c AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
22:06:05.0785 0x062c Detect skipped due to KSN trusted
22:06:05.0785 0x062c AmIcoSinglun64 - ok
22:06:05.0822 0x062c mwlDaemon - ok
22:06:06.0179 0x062c [ 37F1D9DE11A9888D014D5BE966084B34, 992B87FF41A811418C0166B48B5509090F9A66E3CF5B85BB19ED6059A6460C55 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:06:06.0424 0x062c RtHDVCpl - ok
22:06:06.0435 0x062c SynTPEnh - ok
22:06:06.0571 0x062c [ B34FE21E2DB91CA5D40E98D70FD2A25B, 2AE9F6FB237D48A3B087B37E12E12D6699ABBE415FFC2288F933035EA4FE699D ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
22:06:06.0623 0x062c Acer ePower Management - ok
22:06:06.0666 0x062c [ 4F249E7F6B1513C6CE6080566D12096D, 8CD68DA14FAD3EA91DB10632A0CE4A17FDEA31DE37729017A0D205FC25756719 ] C:\Program Files\iTunes\iTunesHelper.exe
22:06:06.0679 0x062c iTunesHelper - ok
22:06:06.0724 0x062c [ 2782D83D9B1071E28E2A4D9C6F5307C6, A0AD020D58D4759EB4F4DDF4E8B7397CDEF095ECD2E2804E250DEBA9117B1E30 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
22:06:06.0754 0x062c BackupManagerTray - detected UnsignedFile.Multi.Generic ( 1 )
22:06:06.0859 0x062c Detect skipped due to KSN trusted
22:06:06.0860 0x062c BackupManagerTray - ok
22:06:06.0933 0x062c [ 981E539199217491DF663368C02F4B94, BF17C28733E94D986FEA311DCD6D6507A4FD58515FD5F7C6ABA5A2A92045A511 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
22:06:06.0978 0x062c NortonOnlineBackupReminder - ok
22:06:07.0063 0x062c [ 77AC8322178FB8F3117CDD3B6DC6E126, 2786198EE920D7788FA0DE376231D4E42AB68F6D5A1E87FAC1F3D7424D1ED493 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:06:07.0091 0x062c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
22:06:07.0415 0x062c Detect skipped due to KSN trusted
22:06:07.0415 0x062c StartCCC - ok
22:06:07.0518 0x062c [ B283F9A1DEABD43ACC7481F893CF21E9, D3DE06E20C64917917541F31E132161F4CF9FB26BCB0214B1CEADB0CF7D3FB81 ] C:\Program Files (x86)\Launch Manager\LManager.exe
22:06:07.0548 0x062c LManager - ok
22:06:07.0663 0x062c [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:06:07.0692 0x062c Adobe ARM - ok
22:06:07.0794 0x062c [ CB7CA3DC268CA9D3FC1349A60EA48211, 666FEBDE2F4FFDE141956795096027003B1F01028B2940C42D217C306F60B0AC ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
22:06:07.0832 0x062c DivXUpdate - ok
22:06:07.0907 0x062c [ 14206B12215588EF5A91EFD4FC5C7DC7, AF5DD314BDE44E6AFCEE95267D22DA620C0EFC433BEFB2DC6484DDAEDCA3B4FC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
22:06:07.0927 0x062c APSDaemon - ok
22:06:08.0043 0x062c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:06:08.0123 0x062c Sidebar - ok
22:06:08.0155 0x062c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:06:08.0199 0x062c mctadmin - ok
22:06:08.0235 0x062c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:06:08.0276 0x062c Sidebar - ok
22:06:08.0282 0x062c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:06:08.0301 0x062c mctadmin - ok
22:06:08.0375 0x062c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
22:06:08.0393 0x062c swg - ok
22:06:08.0640 0x062c [ FE9E6388A039441098EB09C070EA5049, 3888822AF992F3BE27E9F973E31EBEE5302901E4A8260A9A6CF6B2BB2A12D173 ] C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
22:06:08.0689 0x062c Google Update - ok
22:06:08.0714 0x062c [ 44D6FD66E87CE5918B549EF84867B452, 967E6EAA0C1DC1FFA8CF4F46415FDA7F4EFDE01BE990827C5EA66D8FFA773B59 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
22:06:08.0730 0x062c TomTomHOME.exe - ok
22:06:08.0760 0x062c vnxvqiou - ok
22:06:08.0760 0x062c hlpm - ok
22:06:08.0829 0x062c [ 23C2FCAA50C4F80F7D1B8A0771D45328, AE5BC1B2FC15AFFB5F38037AE4C87BB85F9C85D4AC0DCDD51F48A0F77E8EC094 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
22:06:08.0849 0x062c iCloudServices - ok
22:06:08.0879 0x062c [ 5883D86F8C22B1E5F78627E4AF19B234, 7DEE0ED168CBE012CAB1552586FDA945DF5151773E5523F0C7E4091F1DF1578F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
22:06:08.0895 0x062c ApplePhotoStreams - ok
22:06:09.0008 0x062c [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
22:06:09.0032 0x062c Dropbox Update - ok
22:06:09.0034 0x062c Waiting for KSN requests completion. In queue: 85
22:06:10.0098 0x062c Win FW state via NFP2: enabled ( trusted )
22:06:10.0246 0x062c ============================================================
22:06:10.0246 0x062c Scan finished
22:06:10.0246 0x062c ============================================================
22:06:10.0264 0x16d8 Detected object count: 0
22:06:10.0264 0x16d8 Actual detected object count: 0
|
|
16.02.2017, 10:43
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ --> Win 7: Browser stellt nur noch bestimmte Seiten dar |
|
16.02.2017, 22:36
| #7 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar Erledigt! Es gab Funde: AdwCleaner: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 22:16:22
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Franzi - FRANZI-PC
# Gestartet von : C:\Users\Franzi\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
***** [ Browser ] *****
[-] [C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: ask search
[-] [C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: aaaaacalgebmfelllfiaoknifldpngjh
[-] [C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://avira.search.ask.com/?p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=hp&o=APN11074cr&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EYY%5EDE&tpid=AVIRA-V7&apn_dbr=cr_28.0.1500.95&trgb=ALL&apn_uid=D0EA033E-8DA5-457F-8B5F-150B80461F56&itbv=12.2.2.663&doi=2013-08-07&psv=
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [17677 Bytes] - [07/02/2017 20:50:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [1758 Bytes] - [16/02/2017 22:16:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [16726 Bytes] - [07/02/2017 20:47:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [07/02/2017 20:57:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [1562 Bytes] - [07/02/2017 22:20:26]
C:\AdwCleaner\AdwCleaner[S3].txt - [2142 Bytes] - [16/02/2017 22:15:16]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2124 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by Franzi (Administrator) on 16.02.2017 at 22:28:34,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 25
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HO6NN34 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OILFE8T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9SEILYGS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ESC0ZS0B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXLV4I5M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1SF02TH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II9PAW0D (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Franzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X8FA7NV6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HO6NN34 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OILFE8T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9SEILYGS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ESC0ZS0B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXLV4I5M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1SF02TH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II9PAW0D (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X8FA7NV6 (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2017 at 22:32:06,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
16.02.2017, 22:37
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen: 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.02.2017, 15:26
| #9 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar Erledigt. Keine Funde! Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 18/02/2017 um 15:25:34
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Franzi - FRANZI-PC
# Gestartet von : C:\Users\Franzi\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [17677 Bytes] - [07/02/2017 20:50:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [2207 Bytes] - [16/02/2017 22:16:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [16726 Bytes] - [07/02/2017 20:47:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [07/02/2017 20:57:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [1562 Bytes] - [07/02/2017 22:20:26]
C:\AdwCleaner\AdwCleaner[S3].txt - [2142 Bytes] - [16/02/2017 22:15:16]
C:\AdwCleaner\AdwCleaner[S4].txt - [1650 Bytes] - [18/02/2017 15:25:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1723 Bytes] ##########
|
|
18.02.2017, 16:29
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.02.2017, 16:54
| #11 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar Erledigt. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01
durchgeführt von Franzi (Administrator) auf FRANZI-PC (18-02-2017 16:44:52)
Gestartet von E:\
Geladene Profile: Franzi (Verfügbare Profile: Franzi & test)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-01-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [Google Update] => C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-13] (Google Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [vnxvqiou] => C:\Users\Franzi\AppData\Roaming\Eprpvp\nnrsshiqiou.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [hlpm] => "C:\Users\Franzi\AppData\Roaming\hlpm.exe" -autorun
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [Dropbox Update] => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-15] (Dropbox, Inc.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {4d2f771c-6e8a-11e1-8157-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {be2b3e36-5d74-11e1-ad2b-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\MountPoints2: {be2b3e55-5d74-11e1-ad2b-5cac4c8a0e49} - E:\AutoRun.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [346440 2013-09-14] (Apple Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
Startup: C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0833FF45-8E19-4CAF-854A-9ABDB98BA7CD}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DDB23E67-7B03-402C-8BE4-DDEF15F64CE5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F74F9FCF-AC91-46F0-B55D-53E4609B3CA3}: [NameServer] 193.189.244.225 193.189.244.206
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27360211i106l0418z1j5t4761o985
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE419DE419
SearchScopes: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE419DE419
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" => Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
Toolbar: HKU\S-1-5-21-1924580533-820736867-3977892425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
FireFox:
========
FF ProfilePath: C:\Users\Franzi\AppData\Roaming\TomTom\HOME\Profiles\m31ka1z5.default [2015-06-24]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-06-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-02-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: (DivX HiQ) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-02-22] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1924580533-820736867-3977892425-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1924580533-820736867-3977892425-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-13] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (YouTube) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Cast) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-28]
CHR Extension: (Google-Suche) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-13]
CHR Extension: (DivX HiQ) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-02-23]
CHR Extension: (Skype) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-02-23]
CHR Extension: (Google Mail) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-14]
CHR Extension: (Google Docs) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-14]
CHR Extension: (Google Drive) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-14]
CHR Extension: (YouTube) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-14]
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-14]
CHR Extension: (DivX HiQ) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2017-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-14]
CHR Extension: (Skype) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2017-02-11]
CHR Extension: (Google Mail) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
StartMenuInternet: Google Chrome - C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [794624 2016-05-12] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2012-02-22] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [Datei ist nicht signiert]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [502272 2016-05-12] (Microsoft Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444928 2016-05-11] (Microsoft Corporation) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262144 2016-05-11] (Microsoft Corporation) [Datei ist nicht signiert]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-16 22:32 - 2017-02-16 22:32 - 00004834 _____ C:\Users\Franzi\Desktop\JRT.txt
2017-02-16 22:25 - 2017-02-16 22:25 - 01663040 _____ (Malwarebytes) C:\Users\Franzi\Desktop\JRT.exe
2017-02-16 22:21 - 2017-02-16 22:21 - 00002210 _____ C:\Users\Franzi\Desktop\AdwCleaner[C2].txt
2017-02-16 22:11 - 2017-02-16 22:11 - 04015056 _____ C:\Users\Franzi\Desktop\AdwCleaner_6.043.exe
2017-02-15 22:07 - 2017-02-15 22:07 - 00000000 _____ C:\Users\Franzi\Desktop\tdsskiller.txt
2017-02-15 22:04 - 2017-02-15 22:12 - 00202152 _____ C:\TDSSKiller.3.1.0.12_15.02.2017_22.04.41_log.txt
2017-02-15 21:23 - 2017-02-15 21:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Franzi\Desktop\tdsskiller.exe
2017-02-15 21:17 - 2017-02-15 22:04 - 00000000 ____D C:\Users\Franzi\Desktop\mbar
2017-02-15 21:14 - 2017-02-15 21:17 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Franzi\Desktop\mbar-1.09.3.1001.exe
2017-02-14 22:14 - 2017-02-14 22:14 - 00000000 ____D C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-14 21:56 - 2017-02-14 21:57 - 00000000 ____D C:\e91a716d17303c103d14
2017-02-14 20:56 - 2017-02-14 20:56 - 00001038 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-14 20:56 - 2017-02-14 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-14 20:56 - 2017-02-14 20:56 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-13 00:00 - 2017-02-13 00:01 - 00000000 ____D C:\c214f6b1b51ebf36d44f29
2017-02-12 23:47 - 2017-02-12 23:47 - 00000000 ____D C:\Users\test\AppData\Roaming\Opera Software
2017-02-12 23:47 - 2017-02-12 23:47 - 00000000 ____D C:\Users\test\AppData\Roaming\ATI
2017-02-12 23:47 - 2017-02-12 23:47 - 00000000 ____D C:\Users\test\AppData\Roaming\Apple Computer
2017-02-12 23:47 - 2017-02-12 23:47 - 00000000 ____D C:\Users\test\AppData\Local\Opera Software
2017-02-12 23:47 - 2017-02-12 23:47 - 00000000 ____D C:\Users\test\AppData\Local\ATI
2017-02-12 23:46 - 2017-02-12 23:46 - 00115432 _____ C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-12 23:46 - 2017-02-12 23:46 - 00001425 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-12 23:46 - 2017-02-12 23:46 - 00000020 ___SH C:\Users\test\ntuser.ini
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Vorlagen
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Startmenü
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Netzwerkumgebung
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Lokale Einstellungen
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Eigene Dateien
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Druckumgebung
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Documents\Eigene Videos
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Documents\Eigene Musik
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Documents\Eigene Bilder
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\AppData\Local\Verlauf
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\AppData\Local\Anwendungsdaten
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 _SHDL C:\Users\test\Anwendungsdaten
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 ____D C:\Users\test\AppData\Roaming\Macromedia
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 ____D C:\Users\test\AppData\Roaming\Adobe
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 ____D C:\Users\test\AppData\Local\VirtualStore
2017-02-12 23:46 - 2017-02-12 23:46 - 00000000 ____D C:\Users\test
2017-02-12 23:46 - 2011-02-22 11:01 - 00000000 ____D C:\Users\test\AppData\Local\Microsoft Help
2017-02-12 23:46 - 2010-05-07 01:13 - 00000000 ____D C:\Users\test\AppData\Roaming\Media Center Programs
2017-02-12 22:43 - 2017-02-15 22:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-12 22:22 - 2017-02-18 16:44 - 00000000 ____D C:\FRST
2017-02-12 22:12 - 2016-05-13 23:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-02-12 22:12 - 2016-05-13 23:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-02-12 22:12 - 2016-05-13 23:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-02-12 22:12 - 2016-05-13 23:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-02-12 22:12 - 2016-05-13 22:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-02-12 22:12 - 2016-05-13 22:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-02-12 22:12 - 2016-05-13 22:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-02-12 22:12 - 2016-05-13 22:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-02-12 22:12 - 2016-05-13 22:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-02-12 22:12 - 2016-05-13 22:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-02-12 22:12 - 2016-05-13 22:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-02-12 22:12 - 2016-05-13 22:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-02-12 22:12 - 2016-05-13 22:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-02-12 22:12 - 2016-05-13 22:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-02-12 22:12 - 2016-05-13 22:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-02-12 22:12 - 2016-05-13 22:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-02-12 22:12 - 2016-05-12 16:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-02-12 22:10 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-02-12 22:10 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-02-12 22:10 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-02-12 22:10 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-02-12 22:10 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-02-12 22:10 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-02-12 22:10 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-02-12 22:10 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-02-12 22:10 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-02-12 22:10 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-02-12 22:10 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-02-12 22:10 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-02-12 22:10 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-02-12 22:10 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-02-12 22:10 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-02-12 22:10 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-02-12 22:10 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-02-12 22:10 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-02-12 22:10 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-02-12 22:10 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-02-12 22:10 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-02-12 22:10 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-02-12 22:10 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-02-12 22:10 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-02-12 22:10 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-02-12 22:10 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-02-12 22:10 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-02-12 22:10 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-02-12 22:10 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-02-12 22:10 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-02-12 22:10 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-02-12 22:10 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-02-12 22:10 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-02-12 22:10 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-02-12 22:10 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-02-12 22:10 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-12 22:10 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-02-12 22:10 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-02-12 22:10 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-02-12 22:10 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-12 22:10 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-02-12 22:10 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-02-12 22:10 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-02-12 22:10 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-02-12 22:10 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-02-12 22:10 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-02-12 22:10 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-02-12 22:10 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-02-12 22:10 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-02-12 22:10 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-02-12 22:10 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-02-12 22:10 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-02-12 22:10 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-02-12 22:10 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-02-12 22:10 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-02-12 22:10 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-02-12 22:10 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-02-12 22:10 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-02-12 22:10 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-02-12 22:10 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-02-12 22:10 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-02-12 22:10 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-02-12 22:10 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-02-12 22:10 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-02-12 22:10 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-02-12 22:10 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-02-12 22:10 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-02-12 22:10 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-02-12 22:10 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-02-12 22:10 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-02-12 22:10 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-02-12 22:10 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-02-12 22:10 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-02-12 22:10 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-02-12 22:10 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-02-12 22:10 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-02-12 22:10 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-02-12 22:10 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-02-12 22:10 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-02-12 22:10 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-02-12 22:10 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-02-12 22:10 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-02-12 22:10 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-02-12 22:10 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-02-12 22:10 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-02-12 22:10 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-02-12 22:10 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-02-12 22:10 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-02-12 22:10 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-02-12 22:10 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-02-12 22:10 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-02-12 22:10 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-02-12 22:10 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-02-12 22:10 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-02-12 22:10 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-02-12 22:10 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-02-12 22:10 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-02-12 22:10 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-02-12 22:10 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-02-12 22:10 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-02-12 22:10 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-02-12 22:10 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-02-12 22:10 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-02-12 22:10 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-02-12 22:10 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-02-12 22:10 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-02-12 22:10 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-02-12 22:10 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-02-12 22:10 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-02-12 22:10 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-02-12 22:10 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-02-12 22:10 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-02-12 22:10 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-02-12 22:10 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-02-12 22:10 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-02-12 22:10 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-02-12 22:10 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-02-12 22:10 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-02-12 22:10 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-02-12 22:10 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-02-12 22:10 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-02-12 22:10 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-02-12 22:10 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-02-12 22:10 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-02-12 22:10 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-02-12 22:10 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-02-12 22:10 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-02-12 22:10 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-02-12 22:10 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-02-12 22:10 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-02-12 22:10 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-02-12 22:10 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-02-12 22:10 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-02-12 22:10 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-02-12 22:10 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-02-12 22:10 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-02-12 22:10 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-02-12 22:10 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-02-12 22:10 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-02-12 22:10 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-02-12 22:10 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-12 22:10 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-02-12 22:10 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-02-12 22:10 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-02-12 22:10 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-02-12 22:10 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-02-12 22:10 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-02-12 22:10 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-02-12 22:10 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-02-12 22:10 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-02-12 22:10 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-02-12 22:10 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-02-12 22:10 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-02-12 22:10 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-02-12 22:10 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-02-12 22:10 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-02-12 22:10 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-02-12 22:10 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-02-12 22:10 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-02-12 22:10 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-02-12 22:10 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-02-12 22:10 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-12 22:10 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-02-12 22:10 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-02-12 22:10 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-02-12 22:10 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-02-12 22:10 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-02-12 22:10 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-02-12 22:10 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-02-12 22:10 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-02-12 22:10 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-02-12 22:10 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-02-12 22:10 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-02-12 22:10 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-02-12 22:10 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-02-12 22:10 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-12 22:10 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-02-12 22:10 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-02-12 22:10 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-02-12 22:10 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-02-12 22:10 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-02-12 22:10 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-02-12 22:10 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-02-12 22:10 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-02-12 22:10 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-02-12 22:10 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-02-12 22:10 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-02-12 22:10 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-02-12 22:10 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-02-12 22:10 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-02-12 22:10 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-02-12 22:10 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-02-12 22:10 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-02-12 22:10 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-02-12 22:10 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-02-12 22:10 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-02-12 22:10 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-02-12 22:10 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-02-12 22:10 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-02-12 22:10 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-02-12 22:10 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-02-12 22:10 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-02-12 22:10 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-02-12 22:10 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-02-12 22:10 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-02-12 22:10 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-02-12 22:10 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-02-12 22:10 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-02-12 22:10 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-02-12 22:10 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-02-12 22:10 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-02-12 22:10 - 2016-05-12 14:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-02-12 22:10 - 2016-05-12 14:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-02-12 01:08 - 2017-02-12 01:09 - 00000000 ____D C:\0875c85ccaeb6afedd
2017-02-12 01:02 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-02-12 01:02 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-02-12 01:02 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-02-12 01:02 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-02-12 01:02 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-02-12 01:02 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-02-12 01:02 - 2016-08-12 17:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-02-12 01:02 - 2016-08-12 17:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-02-12 01:02 - 2016-08-12 17:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-02-12 01:02 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-02-12 01:02 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-02-12 01:02 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-02-12 01:02 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-02-12 01:02 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-02-12 01:02 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-02-12 01:02 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-02-12 01:02 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-02-12 01:01 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-02-12 01:01 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-02-12 01:01 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-02-12 01:01 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-02-12 01:01 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-02-12 01:01 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-02-12 01:01 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-02-12 01:01 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-02-12 01:01 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-02-12 00:59 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-02-12 00:59 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-02-12 00:59 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-02-12 00:59 - 2016-07-07 16:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-02-12 00:59 - 2016-07-07 16:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-02-12 00:59 - 2016-07-07 16:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-02-12 00:59 - 2016-07-07 16:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-02-12 00:59 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-02-12 00:59 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-02-12 00:59 - 2016-03-09 20:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-02-12 00:59 - 2016-03-09 19:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-02-11 23:08 - 2017-02-11 23:08 - 00002366 _____ C:\Users\Franzi\Desktop\Google Chrome.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1486848243
2017-02-11 22:24 - 2017-02-11 22:24 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-11 22:24 - 2017-02-11 22:24 - 00000000 ____D C:\Users\Franzi\AppData\Roaming\Opera Software
2017-02-11 22:24 - 2017-02-11 22:24 - 00000000 ____D C:\Users\Franzi\AppData\Local\Opera Software
2017-02-11 22:23 - 2017-02-14 22:12 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-11 22:21 - 2017-02-11 22:23 - 46171480 _____ (Opera Software) C:\Users\Franzi\Downloads\Opera_43.0.2442.806_Setup.exe
2017-02-11 22:20 - 2017-02-11 22:20 - 01159888 _____ (Opera Software) C:\Users\Franzi\Downloads\OperaSetup.exe
2017-02-07 21:03 - 2017-02-15 21:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-07 21:03 - 2017-02-15 21:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-07 21:03 - 2017-02-07 21:03 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-07 21:03 - 2017-02-07 21:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2017-02-07 21:03 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-07 21:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-07 20:45 - 2017-02-18 15:25 - 00000000 ____D C:\AdwCleaner
2017-02-07 20:45 - 2017-02-07 22:21 - 00000000 ____D C:\temp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-18 16:43 - 2012-05-07 13:34 - 00000000 ___RD C:\Users\Franzi\Dropbox
2017-02-18 16:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-18 15:29 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-18 15:29 - 2009-07-14 05:45 - 00025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-15 21:25 - 2015-06-20 04:01 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core.job
2017-02-15 21:23 - 2014-04-28 10:25 - 00003424 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2017-02-15 21:18 - 2015-06-20 04:01 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA.job
2017-02-15 21:13 - 2015-06-20 04:01 - 00004200 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA
2017-02-15 21:13 - 2015-06-20 04:01 - 00003804 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core
2017-02-14 23:43 - 2014-02-26 20:23 - 01594964 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-02-14 23:43 - 2010-09-09 03:38 - 00699682 _____ C:\Windows\system32\perfh007.dat
2017-02-14 23:43 - 2010-09-09 03:38 - 00149790 _____ C:\Windows\system32\perfc007.dat
2017-02-14 23:43 - 2009-07-14 06:13 - 01594964 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-14 23:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-14 23:33 - 2015-06-20 04:01 - 00000000 ____D C:\Users\Franzi\AppData\Local\Dropbox
2017-02-14 22:14 - 2012-05-07 13:32 - 00000000 ____D C:\Users\Franzi\AppData\Roaming\Dropbox
2017-02-14 22:06 - 2009-07-14 05:45 - 00436240 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-14 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-02-14 22:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2017-02-14 21:51 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-14 21:46 - 2010-05-07 00:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-14 21:19 - 2011-02-23 13:12 - 00000000 ____D C:\Users\Franzi\AppData\Local\Apple Computer
2017-02-14 21:12 - 2010-09-08 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-14 21:12 - 2010-05-07 01:13 - 00000000 ____D C:\Windows\ShellNew
2017-02-14 21:06 - 2012-05-21 12:41 - 00000000 ____D C:\ProgramData\Avira
2017-02-14 20:54 - 2011-02-18 03:21 - 00115432 _____ C:\Users\Franzi\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-12 23:59 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini
2017-02-12 19:28 - 2011-02-18 03:20 - 00000000 ____D C:\Users\Franzi\AppData\Local\VirtualStore
2017-02-12 01:10 - 2013-04-01 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-12 01:10 - 2013-04-01 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-12 01:07 - 2013-04-01 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-12 00:57 - 2013-08-15 03:23 - 00000000 ____D C:\Windows\system32\MRT
2017-02-12 00:56 - 2011-03-07 17:46 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-12 00:42 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-11 23:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-11 22:51 - 2010-05-07 01:07 - 00000000 ____D C:\Program Files (x86)\EgisTec MyWinLocker
2017-02-11 22:06 - 2017-01-08 17:56 - 00000000 ____D C:\ProgramData\Google Updater
2017-02-11 22:03 - 2011-02-18 04:02 - 00002374 _____ C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 22:29 - 2017-01-13 10:36 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-07 22:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Vss
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-02-18 04:30 - 2011-02-18 04:30 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-05-07 00:57 - 2010-01-27 15:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-02-23 12:34 - 2011-02-23 12:34 - 0005065 _____ () C:\ProgramData\xqkcebzs.dik
Einige Dateien in TEMP:
====================
2013-10-01 10:00 - 2017-01-13 11:26 - 0000000 ____D () C:\Users\Franzi\AppData\Local\Temp\avgnt.exe
2006-10-28 13:17 - 2006-10-28 13:17 - 0145184 ____R (Microsoft Corporation) C:\Users\Franzi\AppData\Local\Temp\ose00000.exe
2017-02-12 23:47 - 2017-02-12 23:47 - 0000000 ____D () C:\Users\test\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-17 21:48
==================== Ende von FRST.txt ============================
|
|
18.02.2017, 16:55
| #12 |
| | Win 7: Browser stellt nur noch bestimmte Seiten dar addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von Franzi (18-02-2017 16:49:35)
Gestartet von E:\
Windows 7 Home Premium Service Pack 1 (X64) (2011-02-18 02:20:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1924580533-820736867-3977892425-500 - Administrator - Disabled)
Franzi (S-1-5-21-1924580533-820736867-3977892425-1000 - Administrator - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1924580533-820736867-3977892425-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1924580533-820736867-3977892425-1002 - Limited - Enabled)
test (S-1-5-21-1924580533-820736867-3977892425-1003 - Administrator - Enabled) => C:\Users\test
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Reader X (10.0.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0122.858.16002 - Ihr Firmenname) Hidden
ChromecastApp (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.3.1.2 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.9.31 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need4 YouTube to MP3 Converter 5.6 (HKLM-x32\...\Need4 YouTube to MP3 Converter 5.6) (Version: 5.6 - Need4Video)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\ChromeHTML: -> C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Franzi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02BCD091-BE17-4A37-8695-F1FA83F7C47D} - System32\Tasks\{DE346BFB-5D6E-43E9-9FD3-20FBA2ED78B8} => C:\Users\Franzi\AppData\Local\Google\Chromecast\ChromecastApp.exe [2015-09-10] (Google)
Task: {167231FD-1E4D-4DEE-A06D-CF1664EB225F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {4C90583F-266F-4DA9-B923-ED370557ACE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2017-02-15] (Dropbox, Inc.)
Task: {4EEE32F8-4637-44BA-A327-91AC8E5C3509} - System32\Tasks\Opera scheduled Autoupdate 1486848243 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-06] (Opera Software)
Task: {748B2551-D9F7-46E3-8582-9699DBE3A9E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core => C:\Users\Franzi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {75A645B8-83B3-42D1-BF26-D2EB99C717CD} - System32\Tasks\{B01F7A7A-1EFF-4FC5-AF9F-D0F4AD5C344D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {780AA989-0545-4B0F-A1F5-7A5EF03A11AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {8BCD9F8D-990A-4216-A650-14BDE6AEFECC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA => C:\Users\Franzi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {97A9CD2D-34CB-47DC-9B4E-63051D4A2285} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2017-02-15] (Dropbox, Inc.)
Task: {B243C61E-D64E-4586-AB47-B8AE38B99ADB} - System32\Tasks\{0055CEA5-0FE6-4653-9441-85096AF83180} => C:\Users\Franzi\AppData\Local\Google\Chromecast\ChromecastApp.exe [2015-09-10] (Google)
Task: {DCB0EB2B-5128-42EF-B611-B8B51B26E9E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {E4C13A3F-880A-4642-8830-B346E3D54D40} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000Core.job => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1924580533-820736867-3977892425-1000UA.job => C:\Users\Franzi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-02-22 17:54 - 2012-02-22 17:53 - 00246112 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2011-01-11 00:25 - 2011-01-11 00:25 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-08 17:50 - 2010-09-08 17:50 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00384512 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2012-02-22 17:54 - 2012-02-22 17:53 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-09-27 16:42 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2015-09-27 16:42 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2017-02-14 22:14 - 2017-02-07 05:48 - 00801600 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2016-06-08 11:35 - 2017-01-14 00:53 - 00035792 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-08 11:35 - 2017-01-14 00:53 - 00100296 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-08 11:34 - 2017-01-14 00:53 - 00018888 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-08 11:34 - 2017-02-07 05:50 - 00019776 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-08 11:34 - 2017-01-14 00:53 - 00694224 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00020824 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-08 11:35 - 2017-01-14 00:54 - 00123856 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 01682768 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00020816 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-02-14 22:14 - 2017-01-14 00:53 - 00145864 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-02-14 22:14 - 2017-01-14 00:54 - 00019408 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-02-14 22:14 - 2017-01-14 00:53 - 00116688 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-08 11:34 - 2017-01-14 00:56 - 00105928 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00022864 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00052544 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00038712 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-02-14 22:14 - 2017-01-14 00:53 - 00392144 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-02-14 22:14 - 2017-01-14 00:56 - 00020936 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-08 11:34 - 2017-01-14 00:56 - 00024528 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00116176 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-08 11:34 - 2017-02-07 05:50 - 00381760 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-08 11:34 - 2017-01-14 00:56 - 00124880 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00026456 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-08 11:34 - 2017-01-14 00:56 - 00024016 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-08 11:34 - 2017-01-14 00:56 - 00175560 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00030160 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00043472 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00048592 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-08 11:34 - 2017-01-14 00:56 - 00057808 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00024016 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00246608 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00027488 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-02-14 22:14 - 2017-01-14 00:55 - 00241104 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00022336 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00028616 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 01826104 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-08 11:34 - 2017-01-14 00:54 - 00083912 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\sip.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 01972536 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 03928896 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00531264 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-08 11:35 - 2017-02-07 05:50 - 00025432 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00133432 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00224064 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00207680 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00021840 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00022872 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00021848 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00022872 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2016-06-08 11:35 - 2017-01-14 00:57 - 00350152 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-08 11:35 - 2017-02-07 05:50 - 00023896 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00025936 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-02-14 22:14 - 2017-01-14 00:51 - 00036296 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\librsync.dll
2017-02-14 22:14 - 2017-02-07 05:50 - 00084288 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-02-14 22:14 - 2017-01-14 01:02 - 00017864 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-02-14 22:14 - 2017-01-14 01:02 - 01631184 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-02-14 22:14 - 2017-02-07 05:50 - 00042816 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00171336 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00357688 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-08 11:34 - 2017-01-14 00:57 - 00060880 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00026456 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-14 22:14 - 2017-02-07 05:50 - 00546104 _____ () C:\Users\Franzi\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2010-09-09 03:27 - 2009-05-20 23:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2011-01-11 00:25 - 2011-01-11 00:25 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 39820376 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_browser.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 45837912 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\opera_child.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libglesv2.dll
2017-02-11 22:24 - 2017-02-06 07:29 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.806\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [135]
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [278]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [130]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [136]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [145]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
11-02-2017 22:43:01 Entfernt MyWinLocker Suite
12-02-2017 00:52:51 Windows Update
12-02-2017 01:20:49 Windows Update
12-02-2017 19:22:46 Windows Update
12-02-2017 23:57:03 Windows Update
14-02-2017 20:59:07 Revo Uninstaller's restore point - Avira Antivirus
14-02-2017 21:05:03 Revo Uninstaller's restore point - Avira Launcher
14-02-2017 21:07:12 Revo Uninstaller's restore point - Java(TM) 6 Update 22
14-02-2017 21:07:33 Removed Java(TM) 6 Update 22
14-02-2017 21:10:47 Revo Uninstaller's restore point - Microsoft Office XP Small Business
14-02-2017 21:13:50 Revo Uninstaller's restore point - OpenOffice.org 3.3
14-02-2017 21:16:42 Revo Uninstaller's restore point - QuickTime 7
14-02-2017 21:19:53 Revo Uninstaller's restore point - softonic-Germany Toolbar
14-02-2017 21:37:55 Revo Uninstaller's restore point - Amazonia
14-02-2017 21:39:02 Revo Uninstaller's restore point - Cake Mania
14-02-2017 21:40:01 Revo Uninstaller's restore point - Chicken Invaders 2
14-02-2017 21:41:28 Revo Uninstaller's restore point - Dairy Dash
14-02-2017 21:42:54 Revo Uninstaller's restore point - Dream Day First Home
14-02-2017 21:44:44 Revo Uninstaller's restore point - eSobi v2
14-02-2017 21:45:06 Configured eSobi v2
14-02-2017 21:46:35 Revo Uninstaller's restore point - Farm Frenzy 2
14-02-2017 21:48:14 Revo Uninstaller's restore point - Galapago
14-02-2017 21:49:55 Revo Uninstaller's restore point - Granny In Paradise
14-02-2017 21:51:23 Revo Uninstaller's restore point - Heroes of Hellas
14-02-2017 21:53:01 Revo Uninstaller's restore point - Spin & Win
14-02-2017 21:55:22 Windows Update
14-02-2017 23:39:55 Windows Update
16-02-2017 22:28:38 JRT Pre-Junkware Removal
18-02-2017 15:27:46 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/14/2017 08:58:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {0a688a66-62b9-48d3-b30e-fcc3b1f82661}
Error: (02/12/2017 11:56:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6240
Error: (02/12/2017 11:56:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6240
Error: (02/12/2017 11:56:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/12/2017 11:56:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5226
Error: (02/12/2017 11:56:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5226
Error: (02/12/2017 11:56:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/12/2017 11:56:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134
Error: (02/12/2017 11:56:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134
Error: (02/12/2017 11:56:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (02/18/2017 04:41:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/18/2017 04:41:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetBT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/18/2017 04:41:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
NetBT
Error: (02/18/2017 04:41:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/18/2017 04:41:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.
Error: (02/18/2017 04:41:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (02/18/2017 03:21:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/18/2017 03:21:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetBT" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (02/18/2017 03:21:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
NetBT
Error: (02/18/2017 03:21:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2017-02-18 16:41:40.894
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 16:41:40.723
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 16:41:30.623
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-18 16:41:06.942
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 16:41:06.770
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 15:21:57.306
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 15:21:57.119
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 15:21:42.339
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\ws2_32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-02-18 15:21:23.229
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2017-02-18 15:21:23.058
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 3956.5 MB
Verfügbarer physikalischer RAM: 1615.8 MB
Summe virtueller Speicher: 7911.18 MB
Verfügbarer virtueller Speicher: 5612.24 MB
==================== Laufwerke ================================
Drive c: (ACER) (Fixed) (Total:452.48 GB) (Free:306.52 GB) NTFS
Drive e: () (Removable) (Total:0.98 GB) (Free:0.93 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: FA63FA63)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1008.8 MB) (Disk ID: 00B1E467)
Partition 1: (Active) - (Size=1009 MB) - (Type=06)
==================== Ende von Addition.txt ============================
|
|
18.02.2017, 17:16
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [vnxvqiou] => C:\Users\Franzi\AppData\Roaming\Eprpvp\nnrsshiqiou.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [hlpm] => "C:\Users\Franzi\AppData\Roaming\hlpm.exe" -autorun
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-13]
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-14]
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\ChromeHTML: -> C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
C:\Users\Franzi\AppData\Roaming\Eprpvp
C:\Users\Franzi\AppData\Roaming\hlpm.exe
C:\ProgramData\ezsidmv.dat
C:\ProgramData\FullRemove.exe
C:\ProgramData\xqkcebzs.dik
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.02.2017, 02:37
| #14 |
| | Win 7: Browser stellt nur noch bestimmte Seiten darCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von Franzi (19-02-2017 02:24:53) Run:1
Gestartet von E:\
Geladene Profile: Franzi (Verfügbare Profile: Franzi & test)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [vnxvqiou] => C:\Users\Franzi\AppData\Roaming\Eprpvp\nnrsshiqiou.exe
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\Run: [hlpm] => "C:\Users\Franzi\AppData\Roaming\hlpm.exe" -autorun
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-13]
CHR Extension: (Avira Browserschutz) - C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-14]
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\...\ChromeHTML: -> C:\Users\Franzi\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
C:\Users\Franzi\AppData\Roaming\Eprpvp
C:\Users\Franzi\AppData\Roaming\hlpm.exe
C:\ProgramData\ezsidmv.dat
C:\ProgramData\FullRemove.exe
C:\ProgramData\xqkcebzs.dik
emptytemp:
*****************
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Windows\CurrentVersion\Run\\vnxvqiou => Wert erfolgreich entfernt
HKU\S-1-5-21-1924580533-820736867-3977892425-1000\Software\Microsoft\Windows\CurrentVersion\Run\\hlpm => Wert erfolgreich entfernt
C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
C:\Users\Franzi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
HKU\S-1-5-21-1924580533-820736867-3977892425-1000_Classes\ChromeHTML => Schlüssel erfolgreich entfernt
C:\Users\Franzi\AppData\Roaming\Eprpvp => erfolgreich verschoben
"C:\Users\Franzi\AppData\Roaming\hlpm.exe" => nicht gefunden.
C:\ProgramData\ezsidmv.dat => erfolgreich verschoben
C:\ProgramData\FullRemove.exe => erfolgreich verschoben
C:\ProgramData\xqkcebzs.dik => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6127348 B
Java, Flash, Steam htmlcache => 30375 B
Windows/system/drivers => 1363364590 B
Edge => 0 B
Chrome => 32491840 B
Firefox => 0 B
Opera => 45741534 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 451140 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42345731 B
systemprofile32 => 77171519 B
LocalService => 132244 B
NetworkService => 361924 B
Franzi => 65601453 B
test => 6737007 B
RecycleBin => 93104864 B
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 02:26:27 ====
|
|
19.02.2017, 13:41
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Browser stellt nur noch bestimmte Seiten dar Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Win 7: Browser stellt nur noch bestimmte Seiten dar |
| antivir, antivirus, avira, bonjour, browser, chromium, converter, desktop, device driver, ebay, error, excel, flash player, google, home, hosts-datei, launch, malware, mp3, problem, proxy, realtek, registry, scan, software, svchost.exe, symantec, system, teredo, vista |
dann auf 
und dann auf 
. 
Linear-Darstellung
