Pests of all kinds and how to fight them: Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
19.07.2015, 12:11 | #1
Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error

Hello, for a while now I have had a combined problem that seems very strange to me. The firewall can no longer be started; it fails with the error code mentioned above. The second error: I do have a Wi-Fi connection and internet access, but the Wi-Fi icon at the bottom is shown with a red cross. The whole thing seems very suspicious to me. I have already run Antivir. It did find 2 things, but these are not the cause.

defogger_disable.txt
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:18 on 15/07/2015 (Hans)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Hans at 2015-07-15 22:19:48
Running from C:\Users\Hans\Desktop\Trojanerboard
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-480132033-1698870507-4115585903-500 - Administrator - Disabled)
Gast (S-1-5-21-480132033-1698870507-4115585903-501 - Limited - Disabled)
Hans (S-1-5-21-480132033-1698870507-4115585903-1000 - Administrator - Enabled) => C:\Users\Hans
HomeGroupUser$ (S-1-5-21-480132033-1698870507-4115585903-1002 - Limited - Enabled)

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co.
KG) Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.4 - Electronic Arts) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla) Mozilla Firefox 39.0 (x86 de) (HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) 
PARTHICA Core Gaming Keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - SPEEDLINK) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7482 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden Samsung Link 1.8.0.1401171024 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG) Spotify (HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 15-07-2015 21:29:05 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {03F53975-9F92-40BD-9C9C-7A136B6ED6B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {19AC6556-840D-41C1-B9B6-AC8E4403A3E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-04-16 06:15 - 2015-04-16 06:15 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-04-18 21:35 - 2014-04-21 11:15 - 01976832 _____ () E:\Programme\Speedlink\Monitor.EXE 2015-04-18 21:35 - 2013-07-11 20:16 - 00169984 _____ () E:\Programme\Speedlink\OSD.exe 2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-04-18 21:35 - 2013-08-17 12:22 - 00036864 _____ () E:\Programme\Speedlink\Lang\Lang_EN.dll 2015-04-18 21:35 - 2012-12-12 23:20 - 00061440 _____ () E:\Programme\Speedlink\hiddriver.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-480132033-1698870507-4115585903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Samsung Link => "E:\Programme\Samsung link\Samsung Link\Samsung Link Tray Agent.exe" MSCONFIG\startupreg: Spotify => "C:\Users\Hans\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AB33845A-3E7C-492A-A8B7-6ED2CA6A093C}] => (Allow) E:\Programme\Firefox\firefox.exe FirewallRules: [{C401BED4-591D-4049-ACF2-DCD4D66BAFDC}] => (Allow) E:\Programme\Firefox\firefox.exe FirewallRules: [{FE0D8DF5-9489-4A07-BB0D-423B677D0DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{70ADD02E-EA2F-4FDE-8FD7-0DB348B6A276}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7E4D9857-E2E3-4B76-8065-D9241BE16E26}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{873AC86B-7FE6-4C82-9CD3-340FEB1D65F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{84CED599-7487-47BA-B9C9-78584E11B40B}C:\users\hans\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hans\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{92280495-36D8-4AFD-9697-9FF87C568996}C:\users\hans\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hans\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{91EB7BA0-AC92-473A-92F7-4961BC21ED4D}C:\users\hans\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hans\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query 
User{3C83B001-795B-4416-89D1-E668FD523BB0}C:\users\hans\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hans\appdata\roaming\spotify\spotify.exe FirewallRules: [{F2B10685-9012-4526-9EFD-91290DEFA96D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{58A7192B-5EC1-4326-9B7A-F3F4ADF6A760}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{41A56C8A-59AE-4B00-9C55-F59CC459E3B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{4B38A70D-0C66-46FB-A957-F50985C0801C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{3F4AB27E-7D2A-44B5-801D-2302E8972D38}] => (Allow) LPort=8743 FirewallRules: [{D890947A-86D4-49E9-A07F-E70AA1998EE4}] => (Allow) LPort=8643 FirewallRules: [{B0BEE6F3-B41D-4845-B58E-C033B3E43611}] => (Allow) LPort=7676 FirewallRules: [{F1EA9393-D8F3-437A-9493-27B0C5FBF7A4}] => (Allow) LPort=7679 FirewallRules: [{48A37E9A-0A90-4AE4-B3AF-4339855BACB9}] => (Allow) LPort=24234 FirewallRules: [{3F6F4ACC-796F-4F9D-904D-BD62D9A49F8D}] => (Allow) LPort=7900 FirewallRules: [{310A6C00-EE61-4B2B-ABCC-466410FA8D3D}] => (Allow) LPort=1900 FirewallRules: [{6524C438-3714-45E8-B28D-FECFDE08A15E}] => (Allow) E:\Programme\Samsung link\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{955C73AE-2647-4E69-BEF9-EC50FCAB3DF2}] => (Allow) E:\Programme\Samsung link\Samsung Link\Samsung Link.exe FirewallRules: [{D365B4BF-8948-437C-BD6A-00097F80E199}] => (Allow) E:\Programme\Samsung link\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{0E585D13-0E3E-43E7-B02B-D3214194C949}] => (Allow) E:\Programme\Samsung link\Samsung Link\Samsung Link.exe FirewallRules: [TCP Query User{0A42B25A-74F3-4AE7-9227-F28E81F2B50A}E:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) E:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [UDP Query User{5E28457A-F08C-4174-BE10-5C1BB1D80BD2}E:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) E:\program files (x86)\origin games\bfh\bfh.exe 
FirewallRules: [{9A577602-D29E-46A0-BCFD-10E6826719D6}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe FirewallRules: [{AF8650FB-A8E9-4216-9326-1819215C27B6}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe ==================== Faulty Device Manager Devices ============= Name: Realtek RTL8168D/8111D-Familie-PCI-E-Gigabit-Ethernet-NIC (NDIS 6.20) Description: Realtek RTL8168D/8111D-Familie-PCI-E-Gigabit-Ethernet-NIC (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert Error: (07/15/2015 09:38:18 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". 
Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". 
Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". 
Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:37:51 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (07/15/2015 09:14:07 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". 
Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161". Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. System errors: ============= Error: (07/15/2015 09:42:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3040272) Error: (07/15/2015 09:40:04 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: ) Description: WMPNetworkSvc0x80070006 Error: (07/15/2015 09:39:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (07/15/2015 09:38:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168. Error: (07/15/2015 09:38:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Samsung Link Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (07/15/2015 09:37:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168. Error: (07/15/2015 09:36:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/15/2015 09:36:13 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (07/15/2015 09:35:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%1168. Error: (07/15/2015 09:34:33 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office: ========================= Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Zugriff verweigert Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Zugriff verweigert Error: (07/15/2015 10:06:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Zugriff verweigert Error: (07/15/2015 09:38:18 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Raptr\raptrstub.exeC:\Program Files (x86)\Raptr\Microsoft.VC90.CRT.MANIFEST4 Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: 
Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 Error: (07/15/2015 09:37:52 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 Error: (07/15/2015 09:37:51 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: 
Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 Error: (07/15/2015 09:14:07 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"E:\Programme\Samsung link\Samsung Link\utils\MetaExtractor.exeE:\Programme\Samsung link\Samsung Link\utils\Microsoft.VC90.CRT.MANIFEST11 ==================== Memory info =========================== Processor: AMD Phenom(tm) II X6 1090T Processor Percentage of memory in use: 27% Total physical RAM: 8189.55 MB Available physical RAM: 5976.96 MB Total Virtual: 16377.32 MB Available Virtual: 13609.61 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:59.62 GB) (Free:20.65 GB) NTFS Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:261.43 GB) NTFS Drive e: () (Fixed) (Total:465.66 GB) (Free:183.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 953DACF5) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 7F94AFDD) Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7F94AFA5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) 
- (Type=07 NTFS)

==================== End of log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Hans (administrator) on HANS-PC on 15-07-2015 22:19:24
Running from C:\Users\Hans\Desktop\Trojanerboard
Loaded Profiles: Hans (Available Profiles: Hans)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Spotify Ltd) C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) E:\Programme\AMD\ATI.ACE\Core-Static\MOM.exe
() E:\Programme\Speedlink\Monitor.EXE
() E:\Programme\Speedlink\OSD.exe
(ATI Technologies Inc.) E:\Programme\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Avira Operations GmbH & Co.
KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avscan.exe (Mozilla Corporation) E:\Programme\Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StartCCC] => E:\Programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc) HKLM-x32\...\Run: [avgnt] => E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => E:\Programme\Speedlink\Monitor.exe [1976832 2014-04-21] () HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [Spotify Web Helper] => C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-02] (Spotify Ltd) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\MountPoints2: {31e923f6-0779-11e5-be60-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\MountPoints2: {31e9246e-0779-11e5-be60-1c6f6580a859} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-16] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] () Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9FA32E91-510A-484A-85BA-916FD69AD390}: [DhcpNameServer] 192.168.2.1 FireFox: 
======== FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.2.0 -> E:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-images.xml [2015-05-31] FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-maps.xml [2015-05-31] FF Extension: WEB.DE MailCheck - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\mailcheck@web.de [2015-06-19] FF Extension: Gutscheinaffe - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-04-16] FF Extension: {b31b7e5f-973b-4323-bc83-37ee7c836f65} - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{b31b7e5f-973b-4323-bc83-37ee7c836f65}.xpi [2015-04-16] FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15] StartMenuInternet: FIREFOX.EXE - E:\Programme\Firefox\firefox.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) S2 AntiVirMailService; E:\Programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; E:\Programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-16] () S2 Samsung Link Service; E:\Programme\Samsung link\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. 
KG) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-15 22:19 - 2015-07-15 22:19 - 00000000 ____D C:\FRST 2015-07-15 22:18 - 2015-07-15 22:18 - 00000000 _____ C:\Users\Hans\defogger_reenable 2015-07-15 22:09 - 2015-07-15 22:19 - 00000000 ____D C:\Users\Hans\Desktop\Trojanerboard 2015-07-15 21:05 - 2015-07-15 21:37 - 00000168 _____ C:\Windows\setupact.log 2015-07-15 21:05 - 2015-07-15 21:05 - 00000000 _____ C:\Windows\setuperr.log 2015-07-15 20:08 - 2015-07-15 20:13 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 20:08 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-07-15 20:08 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 20:08 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 20:08 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 20:08 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 20:08 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) 
C:\Windows\system32\ieui.dll 2015-07-15 20:08 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 20:08 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 20:08 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 
19:58 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 19:58 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 19:58 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 19:58 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 19:58 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 19:58 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 19:58 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 19:58 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 19:58 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 19:58 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 19:58 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 19:58 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 19:58 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 19:58 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 19:58 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 19:58 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) 
C:\Windows\system32\msrating.dll 2015-07-15 19:58 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 19:58 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 19:58 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 19:58 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 19:58 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 19:58 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 19:58 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 19:58 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 19:58 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 19:58 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 19:58 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 19:58 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 19:58 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 19:58 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 19:58 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 19:58 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 19:58 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 19:58 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 19:58 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 19:58 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 19:58 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 19:58 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 19:58 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 19:58 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 19:58 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 19:55 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-15 19:55 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-15 19:55 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-15 19:55 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) 
C:\Windows\system32\aepic.dll 2015-07-15 19:48 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 19:48 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 19:48 - 2015-07-03 20:05 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-15 19:48 - 2015-07-03 20:05 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-15 19:48 - 2015-07-03 20:05 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-15 19:48 - 2015-07-03 20:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-15 19:48 - 2015-07-03 19:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-15 19:48 - 2015-07-03 19:56 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-15 19:48 - 2015-07-03 19:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-15 19:48 - 2015-07-03 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-15 19:48 - 2015-07-03 18:52 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-15 19:48 - 2015-07-03 18:42 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-15 19:48 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 19:48 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 19:48 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 19:48 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 19:48 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 19:48 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 19:48 - 
2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 19:48 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 19:48 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 19:48 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 19:48 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 19:48 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 19:48 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 19:48 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 19:48 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 19:48 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-15 19:48 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 19:48 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 19:48 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-07-15 19:48 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-07-15 19:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-07-15 19:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) 
C:\Windows\system32\dxmasf.dll 2015-07-15 19:48 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-07-15 19:48 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-07-15 19:48 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-07-15 19:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-07-15 19:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-07-15 19:48 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-07-15 19:48 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-07-15 19:48 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-07-15 19:48 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-07-15 19:45 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-07-15 19:45 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-07-15 19:45 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-07-09 14:46 - 2015-07-09 14:46 - 00000087 _____ C:\Users\Hans\Desktop\Radlager wechsel.txt 2015-07-07 21:00 - 2015-07-07 20:52 - 03449045 _____ C:\Users\Hans\Desktop\Anhänge_20150707.zip 2015-07-07 20:54 - 2015-07-07 20:54 - 10368054 _____ C:\Users\Hans\Desktop\Neue Bitmap.bmp 2015-07-07 20:05 - 2015-07-07 20:06 - 00001086 _____ C:\Users\Hans\Desktop\querlenkergummilager.txt 2015-07-07 20:04 - 2015-07-07 20:04 - 00000501 _____ C:\Users\Hans\Desktop\Tankgeber einstellen.txt 2015-07-06 20:32 - 2015-07-06 20:32 - 00000000 ____D C:\Program Files (x86)\Avira 2015-06-17 17:27 - 2015-07-13 19:29 - 00000000 ____D 
C:\Users\Hans\AppData\Local\Microsoft Games 2015-06-17 17:19 - 2015-06-17 17:19 - 00000000 ____D C:\Users\Hans\Documents\Stronghold Crusader 2015-06-17 17:19 - 2015-06-17 17:19 - 00000000 ____D C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-06-16 19:55 - 2015-06-16 19:55 - 00000000 ____D C:\Users\Hans\AppData\Local\ESN ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-15 22:18 - 2015-04-15 19:42 - 00000000 ____D C:\Users\Hans 2015-07-15 21:49 - 2015-04-15 20:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-15 21:45 - 2009-07-14 06:45 - 00017456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-15 21:45 - 2009-07-14 06:45 - 00017456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-15 21:43 - 2009-07-14 19:58 - 00699092 _____ C:\Windows\system32\perfh007.dat 2015-07-15 21:43 - 2009-07-14 19:58 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-07-15 21:43 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-15 21:42 - 2015-04-15 19:42 - 01782903 _____ C:\Windows\WindowsUpdate.log 2015-07-15 21:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-15 21:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-07-15 21:02 - 2015-04-16 20:24 - 00000000 ____D C:\Users\Hans\AppData\Roaming\TS3Client 2015-07-15 20:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-07-15 20:28 - 2009-07-14 06:45 - 00296120 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-15 20:27 - 2015-04-16 14:50 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-15 20:27 - 2015-04-16 14:50 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-15 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 20:04 - 
2015-04-16 06:15 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-07-15 20:03 - 2015-04-16 15:06 - 00000000 ____D C:\Users\Hans\AppData\Roaming\vlc 2015-07-15 20:02 - 2015-04-15 21:04 - 00000000 ____D C:\ProgramData\Origin 2015-07-14 21:51 - 2015-04-15 20:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-14 21:51 - 2015-04-15 20:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-14 21:51 - 2015-04-15 20:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 21:37 - 2015-04-16 06:15 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2015-07-13 22:15 - 2015-04-16 15:19 - 00000000 ____D C:\Users\Hans\AppData\Local\Spotify 2015-07-13 22:15 - 2015-04-16 15:18 - 00000000 ____D C:\Users\Hans\AppData\Roaming\Spotify 2015-07-12 18:54 - 2009-07-14 07:08 - 00028602 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-07 19:28 - 2015-04-15 21:04 - 00000000 ____D C:\Users\Hans\AppData\Roaming\Raptr 2015-07-06 20:32 - 2015-04-16 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-07-06 20:32 - 2015-04-15 21:00 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-17 15:46 - 2015-04-16 06:16 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins ==================== Files in the root of some directories ======= 2015-05-17 14:50 - 2015-05-17 14:50 - 0007605 _____ () C:\Users\Hans\AppData\Local\Resmon.ResmonCfg 2015-04-16 15:47 - 2015-04-16 15:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Hans\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 21:48 ==================== End of log ============================ antivir: Code:
ATTFilter Exportierte Ereignisse: 16.07.2015 22:16 [System-Scanner] Suche Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.]. Anzahl Dateien: 1307235 Anzahl Verzeichnisse: 36114 Anzahl Malware: 0 Anzahl Warnungen: 0 |
19.07.2015, 12:29 | #2 |
/// the machine /// TB-Ausbilder | Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error

Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
19.07.2015, 13:43 | #3 |
| Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error

Here is Malwarebytes for now
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.07.19.01 rootkit: v2015.07.17.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17914 Hans :: HANS-PC [administrator] 19.07.2015 14:12:34 mbar-log-2015-07-19 (14-12-34).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 332276 Time elapsed: 10 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter 14:45:43.0464 0x0d08 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 14:45:45.0856 0x0d08 ============================================================ 14:45:45.0856 0x0d08 Current date / time: 2015/07/19 14:45:45.0856 14:45:45.0856 0x0d08 SystemInfo: 14:45:45.0856 0x0d08 14:45:45.0856 0x0d08 OS Version: 6.1.7601 ServicePack: 1.0 14:45:45.0856 0x0d08 Product type: Workstation 14:45:45.0856 0x0d08 ComputerName: HANS-PC 14:45:45.0856 0x0d08 UserName: Hans 14:45:45.0856 0x0d08 Windows directory: C:\Windows 14:45:45.0856 0x0d08 System windows directory: C:\Windows 14:45:45.0856 0x0d08 Running under WOW64 14:45:45.0856 0x0d08 Processor architecture: Intel x64 14:45:45.0856 0x0d08 Number of processors: 6 14:45:45.0856 0x0d08 Page size: 0x1000 14:45:45.0856 0x0d08 Boot type: Normal boot 14:45:45.0856 0x0d08 ============================================================ 14:45:46.0040 0x0d08 KLMD registered as C:\Windows\system32\drivers\64671518.sys 14:45:46.0097 0x0d08 System UUID: {A45BD5BC-6E3B-695D-5A6D-4892125FF2B2} 14:45:46.0396 0x0d08 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 14:45:46.0396 0x0d08 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:45:46.0396 0x0d08 Drive \Device\Harddisk1\DR1 - Size: 0xEE8156000 ( 59.63 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:45:46.0399 0x0d08 ============================================================ 14:45:46.0399 0x0d08 \Device\Harddisk2\DR2: 14:45:46.0399 0x0d08 MBR partitions: 14:45:46.0399 0x0d08 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:45:46.0399 0x0d08 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, 
BlocksNum 0x3A353000 14:45:46.0399 0x0d08 \Device\Harddisk0\DR0: 14:45:46.0399 0x0d08 MBR partitions: 14:45:46.0399 0x0d08 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 14:45:46.0399 0x0d08 \Device\Harddisk1\DR1: 14:45:46.0400 0x0d08 MBR partitions: 14:45:46.0400 0x0d08 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800 14:45:46.0400 0x0d08 ============================================================ 14:45:46.0401 0x0d08 C: <-> \Device\Harddisk1\DR1\Partition1 14:45:46.0401 0x0d08 D: <-> \Device\Harddisk0\DR0\Partition1 14:45:46.0422 0x0d08 E: <-> \Device\Harddisk2\DR2\Partition2 14:45:46.0422 0x0d08 ============================================================ 14:45:46.0422 0x0d08 Initialize success 14:45:46.0422 0x0d08 ============================================================ 14:45:51.0958 0x15ec ============================================================ 14:45:51.0958 0x15ec Scan started 14:45:51.0958 0x15ec Mode: Manual; SigCheck; TDLFS; 14:45:51.0958 0x15ec ============================================================ 14:45:51.0958 0x15ec KSN ping started 14:46:05.0652 0x15ec KSN ping finished: true 14:46:05.0924 0x15ec ================ Scan system memory ======================== 14:46:05.0924 0x15ec System memory - ok 14:46:05.0925 0x15ec ================ Scan services =============================
Desktop\avmailc7.exe 14:46:07.0360 0x15ec AntiVirMailService - ok 14:46:07.0406 0x15ec [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe 14:46:07.0421 0x15ec AntiVirSchedulerService - ok 14:46:07.0439 0x15ec [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe 14:46:07.0453 0x15ec AntiVirService - ok 14:46:07.0492 0x15ec [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService E:\Programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe 14:46:07.0519 0x15ec AntiVirWebService - ok 14:46:07.0525 0x15ec [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 14:46:07.0534 0x15ec AppID - ok 14:46:07.0538 0x15ec [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 14:46:07.0546 0x15ec AppIDSvc - ok 14:46:07.0550 0x15ec [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 14:46:07.0560 0x15ec Appinfo - ok 14:46:07.0568 0x15ec [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 14:46:07.0579 0x15ec AppMgmt - ok 14:46:07.0584 0x15ec [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 14:46:07.0593 0x15ec arc - ok 14:46:07.0599 0x15ec [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 14:46:07.0608 0x15ec arcsas - ok 
14:46:07.0622 0x15ec [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 14:46:07.0632 0x15ec aspnet_state - ok 14:46:07.0636 0x15ec [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 14:46:07.0659 0x15ec AsyncMac - ok 14:46:07.0663 0x15ec [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 14:46:07.0671 0x15ec atapi - ok 14:46:07.0710 0x15ec [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys 14:46:07.0746 0x15ec athr - ok 14:46:07.0755 0x15ec [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 14:46:07.0764 0x15ec AtiHDAudioService - ok 14:46:07.0783 0x15ec [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 14:46:07.0803 0x15ec AudioEndpointBuilder - ok 14:46:07.0822 0x15ec [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 14:46:07.0842 0x15ec AudioSrv - ok 14:46:07.0850 0x15ec [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 14:46:08.0351 0x15ec avgntflt - ok 14:46:08.0358 0x15ec [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 14:46:08.0368 0x15ec avipbb - ok 14:46:08.0377 0x15ec [ 17348FE28C0A0AB4A6CB86D177770335, 
633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 14:46:08.0389 0x15ec Avira.ServiceHost - ok 14:46:08.0393 0x15ec [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 14:46:08.0401 0x15ec avkmgr - ok 14:46:08.0405 0x15ec [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 14:46:08.0414 0x15ec avnetflt - ok 14:46:08.0419 0x15ec [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 14:46:08.0432 0x15ec AxInstSV - ok 14:46:08.0446 0x15ec [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 14:46:08.0462 0x15ec b06bdrv - ok 14:46:08.0472 0x15ec [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 14:46:08.0485 0x15ec b57nd60a - ok 14:46:08.0492 0x15ec [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 14:46:08.0502 0x15ec BDESVC - ok 14:46:08.0505 0x15ec [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 14:46:08.0528 0x15ec Beep - ok 14:46:08.0548 0x15ec [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 14:46:08.0569 0x15ec BFE - ok 14:46:08.0592 0x15ec [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 14:46:08.0630 0x15ec BITS - ok 14:46:08.0635 
0x15ec [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 14:46:08.0644 0x15ec blbdrive - ok 14:46:08.0649 0x15ec [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 14:46:08.0658 0x15ec bowser - ok 14:46:08.0662 0x15ec [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:46:08.0671 0x15ec BrFiltLo - ok 14:46:08.0674 0x15ec [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:46:08.0684 0x15ec BrFiltUp - ok 14:46:08.0690 0x15ec [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 14:46:08.0701 0x15ec Browser - ok 14:46:08.0710 0x15ec [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 14:46:08.0724 0x15ec Brserid - ok 14:46:08.0728 0x15ec [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 14:46:08.0738 0x15ec BrSerWdm - ok 14:46:08.0742 0x15ec [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 14:46:08.0752 0x15ec BrUsbMdm - ok 14:46:08.0755 0x15ec [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 14:46:08.0763 0x15ec BrUsbSer - ok 14:46:08.0768 0x15ec [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM 
C:\Windows\system32\DRIVERS\bthmodem.sys 14:46:08.0779 0x15ec BTHMODEM - ok 14:46:08.0785 0x15ec [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 14:46:08.0810 0x15ec bthserv - ok 14:46:08.0815 0x15ec [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:46:08.0840 0x15ec cdfs - ok 14:46:08.0846 0x15ec [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 14:46:08.0857 0x15ec cdrom - ok 14:46:08.0862 0x15ec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 14:46:08.0886 0x15ec CertPropSvc - ok 14:46:08.0891 0x15ec [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 14:46:08.0901 0x15ec circlass - ok 14:46:08.0913 0x15ec [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 14:46:08.0928 0x15ec CLFS - ok 14:46:08.0935 0x15ec [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:46:08.0945 0x15ec clr_optimization_v2.0.50727_32 - ok 14:46:08.0952 0x15ec [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:46:08.0961 0x15ec clr_optimization_v2.0.50727_64 - ok 14:46:08.0972 0x15ec [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:46:08.0983 0x15ec clr_optimization_v4.0.30319_32 - ok 14:46:08.0988 0x15ec [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:46:09.0000 0x15ec clr_optimization_v4.0.30319_64 - ok 14:46:09.0004 0x15ec [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 14:46:09.0011 0x15ec CmBatt - ok 14:46:09.0015 0x15ec [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:46:09.0023 0x15ec cmdide - ok 14:46:09.0036 0x15ec [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 14:46:09.0057 0x15ec CNG - ok 14:46:09.0061 0x15ec [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 14:46:09.0069 0x15ec Compbatt - ok 14:46:09.0073 0x15ec [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:46:09.0083 0x15ec CompositeBus - ok 14:46:09.0086 0x15ec COMSysApp - ok 14:46:09.0090 0x15ec [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 14:46:09.0098 0x15ec crcdisk - ok 14:46:09.0107 0x15ec [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:46:09.0118 0x15ec CryptSvc - ok 14:46:09.0134 0x15ec [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC 
C:\Windows\system32\drivers\csc.sys 14:46:09.0151 0x15ec CSC - ok 14:46:09.0170 0x15ec [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 14:46:09.0191 0x15ec CscService - ok 14:46:09.0208 0x15ec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:46:09.0240 0x15ec DcomLaunch - ok 14:46:09.0251 0x15ec [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 14:46:09.0279 0x15ec defragsvc - ok 14:46:09.0285 0x15ec [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:46:09.0309 0x15ec DfsC - ok 14:46:09.0319 0x15ec [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 14:46:09.0333 0x15ec Dhcp - ok 14:46:09.0367 0x15ec [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll 14:46:09.0398 0x15ec DiagTrack - ok 14:46:09.0404 0x15ec [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 14:46:09.0427 0x15ec discache - ok 14:46:09.0432 0x15ec [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 14:46:09.0441 0x15ec Disk - ok 14:46:09.0448 0x15ec [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:46:09.0459 0x15ec Dnscache - ok 14:46:09.0468 0x15ec [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] 
dot3svc C:\Windows\System32\dot3svc.dll 14:46:09.0495 0x15ec dot3svc - ok 14:46:09.0502 0x15ec [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 14:46:09.0526 0x15ec DPS - ok 14:46:09.0530 0x15ec [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:46:09.0537 0x15ec drmkaud - ok 14:46:09.0563 0x15ec [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:46:09.0589 0x15ec DXGKrnl - ok 14:46:09.0596 0x15ec [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 14:46:09.0621 0x15ec EapHost - ok 14:46:09.0701 0x15ec [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 14:46:09.0768 0x15ec ebdrv - ok 14:46:09.0777 0x15ec [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe 14:46:09.0786 0x15ec EFS - ok 14:46:09.0806 0x15ec [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:46:09.0827 0x15ec ehRecvr - ok 14:46:09.0833 0x15ec [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 14:46:09.0844 0x15ec ehSched - ok 14:46:09.0859 0x15ec [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 14:46:09.0877 0x15ec elxstor - ok 14:46:09.0881 0x15ec [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev 
C:\Windows\system32\drivers\errdev.sys 14:46:09.0889 0x15ec ErrDev - ok 14:46:09.0904 0x15ec [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 14:46:09.0935 0x15ec EventSystem - ok 14:46:09.0943 0x15ec [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 14:46:09.0970 0x15ec exfat - ok 14:46:09.0978 0x15ec [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:46:10.0005 0x15ec fastfat - ok 14:46:10.0024 0x15ec [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 14:46:10.0045 0x15ec Fax - ok 14:46:10.0050 0x15ec [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 14:46:10.0058 0x15ec fdc - ok 14:46:10.0062 0x15ec [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 14:46:10.0086 0x15ec fdPHost - ok 14:46:10.0090 0x15ec [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 14:46:10.0114 0x15ec FDResPub - ok 14:46:10.0118 0x15ec [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:46:10.0127 0x15ec FileInfo - ok 14:46:10.0131 0x15ec [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:46:10.0156 0x15ec Filetrace - ok 14:46:10.0160 0x15ec [ C172A0F53008EAEB8EA33FE10E177AF5, 
9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 14:46:10.0168 0x15ec flpydisk - ok 14:46:10.0178 0x15ec [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:46:10.0191 0x15ec FltMgr - ok 14:46:10.0221 0x15ec [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 14:46:10.0251 0x15ec FontCache - ok 14:46:10.0257 0x15ec [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:46:10.0264 0x15ec FontCache3.0.0.0 - ok 14:46:10.0269 0x15ec [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:46:10.0278 0x15ec FsDepends - ok 14:46:10.0282 0x15ec [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:46:10.0290 0x15ec Fs_Rec - ok 14:46:10.0298 0x15ec [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:46:10.0312 0x15ec fvevol - ok 14:46:10.0316 0x15ec [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 14:46:10.0325 0x15ec gagp30kx - ok 14:46:10.0346 0x15ec [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 14:46:10.0382 0x15ec gpsvc - ok 14:46:10.0387 0x15ec [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir 
C:\Windows\system32\drivers\hcw85cir.sys 14:46:10.0396 0x15ec hcw85cir - ok 14:46:10.0407 0x15ec [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:46:10.0422 0x15ec HdAudAddService - ok 14:46:10.0429 0x15ec [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 14:46:10.0443 0x15ec HDAudBus - ok 14:46:10.0448 0x15ec [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 14:46:10.0458 0x15ec HidBatt - ok 14:46:10.0463 0x15ec [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 14:46:10.0474 0x15ec HidBth - ok 14:46:10.0479 0x15ec [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 14:46:10.0489 0x15ec HidIr - ok 14:46:10.0493 0x15ec [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 14:46:10.0517 0x15ec hidserv - ok 14:46:10.0521 0x15ec [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:46:10.0529 0x15ec HidUsb - ok 14:46:10.0534 0x15ec [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:46:10.0559 0x15ec hkmsvc - ok 14:46:10.0567 0x15ec [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:46:10.0580 0x15ec HomeGroupListener - ok 14:46:10.0587 0x15ec [ 908ACB1F594274965A53926B10C81E89, 
7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:46:10.0599 0x15ec HomeGroupProvider - ok 14:46:10.0604 0x15ec [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:46:10.0613 0x15ec HpSAMD - ok 14:46:10.0634 0x15ec [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:46:10.0655 0x15ec HTTP - ok 14:46:10.0660 0x15ec [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:46:10.0668 0x15ec hwpolicy - ok 14:46:10.0674 0x15ec [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 14:46:10.0683 0x15ec i8042prt - ok 14:46:10.0696 0x15ec [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:46:10.0711 0x15ec iaStorV - ok 14:46:10.0734 0x15ec [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:46:10.0757 0x15ec idsvc - ok 14:46:10.0762 0x15ec IEEtwCollectorService - ok 14:46:10.0766 0x15ec [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:46:10.0775 0x15ec iirsp - ok 14:46:10.0797 0x15ec [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 14:46:10.0821 0x15ec IKEEXT - ok 14:46:10.0934 0x15ec [ 82A2ADF15247712BF06B74ACEF9B636E, E9FE382B05FB49377B4A2A2719E0099A13D1AB24748F842077AF15E8A62073C4 
] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:46:11.0028 0x15ec IntcAzAudAddService - ok 14:46:11.0039 0x15ec [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 14:46:11.0047 0x15ec intelide - ok 14:46:11.0051 0x15ec [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:46:11.0060 0x15ec intelppm - ok 14:46:11.0065 0x15ec [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:46:11.0091 0x15ec IPBusEnum - ok 14:46:11.0096 0x15ec [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:46:11.0120 0x15ec IpFilterDriver - ok 14:46:11.0136 0x15ec [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:46:11.0154 0x15ec iphlpsvc - ok 14:46:11.0160 0x15ec [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:46:11.0169 0x15ec IPMIDRV - ok 14:46:11.0175 0x15ec [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:46:11.0200 0x15ec IPNAT - ok 14:46:11.0204 0x15ec [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:46:11.0215 0x15ec IRENUM - ok 14:46:11.0219 0x15ec [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:46:11.0227 0x15ec isapnp - ok 14:46:11.0236 0x15ec [ 
96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:46:11.0249 0x15ec iScsiPrt - ok 14:46:11.0254 0x15ec [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:46:11.0262 0x15ec kbdclass - ok 14:46:11.0266 0x15ec [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:46:11.0275 0x15ec kbdhid - ok 14:46:11.0278 0x15ec [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe 14:46:11.0287 0x15ec KeyIso - ok 14:46:11.0292 0x15ec [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:46:11.0302 0x15ec KSecDD - ok 14:46:11.0308 0x15ec [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:46:11.0319 0x15ec KSecPkg - ok 14:46:11.0323 0x15ec [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:46:11.0346 0x15ec ksthunk - ok 14:46:11.0358 0x15ec [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 14:46:11.0388 0x15ec KtmRm - ok 14:46:11.0397 0x15ec [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:46:11.0425 0x15ec LanmanServer - ok 14:46:11.0431 0x15ec [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:46:11.0456 
C:\Windows\system32\drivers\vdrvroot.sys 14:46:24.0286 0x15ec vdrvroot - ok 14:46:24.0301 0x15ec [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 14:46:24.0334 0x15ec vds - ok 14:46:24.0339 0x15ec [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:46:24.0349 0x15ec vga - ok 14:46:24.0352 0x15ec [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 14:46:24.0376 0x15ec VgaSave - ok 14:46:24.0379 0x15ec VGPU - ok 14:46:24.0387 0x15ec [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:46:24.0399 0x15ec vhdmp - ok 14:46:24.0402 0x15ec [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 14:46:24.0410 0x15ec viaide - ok 14:46:24.0414 0x15ec [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:46:24.0424 0x15ec volmgr - ok 14:46:24.0435 0x15ec [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:46:24.0449 0x15ec volmgrx - ok 14:46:24.0460 0x15ec [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:46:24.0472 0x15ec volsnap - ok 14:46:24.0479 0x15ec [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 14:46:24.0490 0x15ec vsmraid - ok 14:46:24.0531 0x15ec [ B60BA0BC31B0CB414593E169F6F21CC2, 
47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 14:46:24.0582 0x15ec VSS - ok 14:46:24.0588 0x15ec [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:46:24.0598 0x15ec vwifibus - ok 14:46:24.0603 0x15ec [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:46:24.0614 0x15ec vwififlt - ok 14:46:24.0626 0x15ec [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 14:46:24.0657 0x15ec W32Time - ok 14:46:24.0663 0x15ec [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 14:46:24.0671 0x15ec WacomPen - ok 14:46:24.0676 0x15ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:46:24.0699 0x15ec WANARP - ok 14:46:24.0703 0x15ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:46:24.0727 0x15ec Wanarpv6 - ok 14:46:24.0766 0x15ec [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 14:46:24.0801 0x15ec wbengine - ok 14:46:24.0812 0x15ec [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:46:24.0827 0x15ec WbioSrvc - ok 14:46:24.0839 0x15ec [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:46:24.0858 0x15ec wcncsvc - ok 14:46:24.0863 0x15ec [ 
20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:46:24.0872 0x15ec WcsPlugInService - ok 14:46:24.0876 0x15ec [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 14:46:24.0884 0x15ec Wd - ok 14:46:24.0906 0x15ec [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:46:24.0930 0x15ec Wdf01000 - ok 14:46:24.0936 0x15ec [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:46:24.0947 0x15ec WdiServiceHost - ok 14:46:24.0953 0x15ec [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:46:24.0963 0x15ec WdiSystemHost - ok 14:46:24.0972 0x15ec [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 14:46:24.0985 0x15ec WebClient - ok 14:46:24.0994 0x15ec [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:46:25.0022 0x15ec Wecsvc - ok 14:46:25.0028 0x15ec [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:46:25.0053 0x15ec wercplsupport - ok 14:46:25.0058 0x15ec [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 14:46:25.0083 0x15ec WerSvc - ok 14:46:25.0087 0x15ec [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 
14:46:25.0110 0x15ec WfpLwf - ok 14:46:25.0114 0x15ec [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:46:25.0122 0x15ec WIMMount - ok 14:46:25.0125 0x15ec WinDefend - ok 14:46:25.0130 0x15ec WinHttpAutoProxySvc - ok 14:46:25.0143 0x15ec [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:46:25.0171 0x15ec Winmgmt - ok 14:46:25.0222 0x15ec [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 14:46:25.0268 0x15ec WinRM - ok 14:46:25.0279 0x15ec [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 14:46:25.0289 0x15ec WinUsb - ok 14:46:25.0313 0x15ec [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 14:46:25.0341 0x15ec Wlansvc - ok 14:46:25.0346 0x15ec [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:46:25.0354 0x15ec WmiAcpi - ok 14:46:25.0363 0x15ec [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:46:25.0375 0x15ec wmiApSrv - ok 14:46:25.0378 0x15ec WMPNetworkSvc - ok 14:46:25.0382 0x15ec [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:46:25.0391 0x15ec WPCSvc - ok 14:46:25.0397 0x15ec [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:46:25.0408 0x15ec WPDBusEnum - ok 14:46:25.0412 0x15ec [ 
6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:46:25.0436 0x15ec ws2ifsl - ok 14:46:25.0441 0x15ec [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 14:46:25.0455 0x15ec wscsvc - ok 14:46:25.0458 0x15ec [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 14:46:25.0468 0x15ec WSDPrintDevice - ok 14:46:25.0471 0x15ec WSearch - ok 14:46:25.0537 0x15ec [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll 14:46:25.0594 0x15ec wuauserv - ok 14:46:25.0604 0x15ec [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:46:25.0614 0x15ec WudfPf - ok 14:46:25.0621 0x15ec [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:46:25.0632 0x15ec WUDFRd - ok 14:46:25.0638 0x15ec [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:46:25.0648 0x15ec wudfsvc - ok 14:46:25.0657 0x15ec [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 14:46:25.0669 0x15ec WwanSvc - ok 14:46:25.0674 0x15ec ================ Scan global =============================== 14:46:25.0677 0x15ec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 14:46:25.0685 0x15ec [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] 
C:\Windows\system32\winsrv.dll 14:46:25.0695 0x15ec [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll 14:46:25.0702 0x15ec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 14:46:25.0712 0x15ec [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 14:46:25.0718 0x15ec [ Global ] - ok 14:46:25.0718 0x15ec ================ Scan MBR ================================== 14:46:25.0745 0x15ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 14:46:26.0845 0x15ec \Device\Harddisk2\DR2 - ok 14:46:27.0296 0x15ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 14:46:27.0320 0x15ec \Device\Harddisk0\DR0 - ok 14:46:27.0322 0x15ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 14:46:27.0361 0x15ec \Device\Harddisk1\DR1 - ok 14:46:27.0361 0x15ec ================ Scan VBR ================================== 14:46:27.0363 0x15ec [ F41C309A16CF0B3CF1EDA9FDE1F60D4C ] \Device\Harddisk2\DR2\Partition1 14:46:27.0364 0x15ec \Device\Harddisk2\DR2\Partition1 - ok 14:46:27.0376 0x15ec [ 32F45FC91BFA240F1710308996751541 ] \Device\Harddisk2\DR2\Partition2 14:46:27.0377 0x15ec \Device\Harddisk2\DR2\Partition2 - ok 14:46:27.0379 0x15ec [ DEC901CC08F94125A700D54CA7EE255B ] \Device\Harddisk0\DR0\Partition1 14:46:27.0380 0x15ec \Device\Harddisk0\DR0\Partition1 - ok 14:46:27.0382 0x15ec [ F2C61AB849DD5D98EA528CA1303CC27A ] \Device\Harddisk1\DR1\Partition1 14:46:27.0383 0x15ec \Device\Harddisk1\DR1\Partition1 - ok 14:46:27.0384 0x15ec ================ Scan generic autorun ====================== 14:46:27.0471 0x15ec [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] E:\Programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 14:46:27.0492 0x15ec StartCCC - ok 14:46:27.0498 
0x15ec [ 6FF2721124AEAEC319740A0D0FEC19F1, 79DB5A5FE98D6D2231A9053247507D9F6C45E3A4614E19695FC281E9B98CC4E0 ] C:\Program Files (x86)\Raptr\raptrstub.exe 14:46:27.0506 0x15ec Raptr - ok 14:46:27.0548 0x15ec [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe 14:46:27.0567 0x15ec avgnt - ok 14:46:27.0573 0x15ec [ 8943465BEFA91044227D42E84ECB8280, 76D19CE3EB7E6C6573F250543CDC10B3601604535BFB756805AE246FA55AC265 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 14:46:27.0583 0x15ec NUSB3MON - ok 14:46:27.0664 0x15ec [ 896D82F37C85148178EF565132296781, 9F0495986578F5A2A0884C4F15502D3C7E20C4BB57A1D6301F9396DEFE978E41 ] E:\Programme\Speedlink\Monitor.exe 14:46:27.0705 0x15ec SL-6482 Gaming Keyboard - detected UnsignedFile.Multi.Generic ( 1 ) 14:46:30.0905 0x15ec SL-6482 Gaming Keyboard ( UnsignedFile.Multi.Generic ) - warning 14:46:34.0059 0x15ec [ 5120CD65A74A5E054FB2B0577688024C, 2C771743C797ED2F94E4C0CD7472D20532DB6C3E95DEB0DA4D14D6B5469EE273 ] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe 14:46:34.0069 0x15ec Avira Systray - ok 14:46:34.0099 0x15ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:46:34.0128 0x15ec Sidebar - ok 14:46:34.0135 0x15ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:46:34.0148 0x15ec mctadmin - ok 14:46:34.0179 0x15ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:46:34.0208 0x15ec Sidebar - ok 14:46:34.0215 0x15ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:46:34.0227 0x15ec 
mctadmin - ok 14:46:34.0411 0x15ec [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe 14:46:34.0555 0x15ec CCleaner Monitoring - ok 14:46:34.0620 0x15ec [ E602DFD7B38FFA0C4E39CA6CFBCC44F8, 8F1E2F7559606D6165C4147CD8B223FC8352AC30491B67F7F9162D51B005C40A ] C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe 14:46:34.0663 0x15ec Spotify Web Helper - ok 14:46:34.0668 0x15ec Waiting for KSN requests completion. In queue: 7 14:46:35.0668 0x15ec Waiting for KSN requests completion. In queue: 7 14:46:36.0668 0x15ec Waiting for KSN requests completion. In queue: 7 14:46:37.0676 0x15ec AV detected via SS2: Avira Antivirus, E:\Programme\Antivir\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated ) 14:46:37.0679 0x15ec Win FW state via NFP2: enabled 14:46:40.0344 0x15ec ============================================================ 14:46:40.0344 0x15ec Scan finished 14:46:40.0344 0x15ec ============================================================ 14:46:40.0350 0x15e0 Detected object count: 1 14:46:40.0351 0x15e0 Actual detected object count: 1 14:46:42.0826 0x15e0 SL-6482 Gaming Keyboard ( UnsignedFile.Multi.Generic ) - skipped by user 14:46:42.0826 0x15e0 SL-6482 Gaming Keyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:46:49.0361 0x12c4 Deinitialize success |
20.07.2015, 07:35 | #4 |
/// the machine /// TB instructor | Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
20.07.2015, 15:02 | #5 |
| Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error hi, unfortunately the link is not reachable. |
21.07.2015, 06:55 | #6 |
/// the machine /// TB instructor | Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error works perfectly for me. Switch off the AV program.
|
21.07.2015, 21:34 | #7 |
| Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error A little later it worked for me too. I always ran these programs in Safe Mode. There shouldn't have been any problems with the AV there. Combofix Code:
ComboFix 15-07-20.01 - Hans 21.07.2015 21:16:49.1.6 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8190.7481 [GMT 2:00]
ausgeführt von:: c:\users\Hans\Desktop\Trojanerboard\ComboFix.exe
AV: Avira Antivirus *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928] "Spotify Web Helper"="c:\users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-07-02 2030648] .
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="e:\programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176] "Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568] "avgnt"="e:\programme\Antivir\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048] "SL-6482 Gaming Keyboard"="e:\programme\Speedlink\Monitor.exe" [2014-04-21 1976832] "Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R2 AntiVirMailService;Avira Email-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [x] R2 AntiVirSchedulerService;Avira Planer;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe [x] R2 AntiVirWebService;Avira Browser-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [x] R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x] R2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN 
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] R2 Samsung Link Service;Samsung Link Service;e:\programme\Samsung link\Samsung Link\Samsung Link.exe;e:\programme\Samsung link\Samsung Link\Samsung Link.exe [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Origin Client Service;Origin Client Service;e:\spiele\Origin\OriginClientService.exe;e:\spiele\Origin\OriginClientService.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] . . Inhalt des "geplante Tasks" Ordners . 
2015-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 19:51] . . --------- X64 Entries ----------- . . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\ FF - prefs.js: browser.startup.homepage - google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2984976~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067904~31bf3856ad364e35~amd64~~6.1.1.2] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070738~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-07-21 21:19:25 ComboFix-quarantined-files.txt 2015-07-21 19:19 . 
Vor Suchlauf: 8 Verzeichnis(se), 20.441.919.488 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 20.190.187.520 Bytes frei . - - End Of File - - BD57C40A005BF083D5BF53F1315DAEAA A36C5E4F47E84449FF07ED3517B43A31 Code:
ATTFilter ComboFix 15-07-20.01 - Hans 21.07.2015 22:27:07.2.6 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8190.6655 [GMT 2:00] ausgeführt von:: c:\users\Hans\Desktop\Trojanerboard\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Hans\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll . . ((((((((((((((((((((((( Dateien erstellt von 2015-06-21 bis 2015-07-21 )))))))))))))))))))))))))))))) . . 2015-07-20 17:20 . 2015-07-15 03:19 41984 ----a-w- c:\windows\system32\lpk.dll 2015-07-20 17:20 . 2015-07-15 03:19 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-07-20 17:20 . 2015-07-15 03:19 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-07-20 17:20 . 2015-07-15 03:19 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-07-20 17:20 . 2015-07-15 02:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-07-20 17:20 . 2015-07-15 02:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-07-20 17:20 . 2015-07-15 02:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-07-20 17:20 . 2015-07-15 02:54 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-07-20 17:20 . 2015-07-15 01:59 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-07-20 17:20 . 2015-07-15 01:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-07-19 12:12 . 2015-07-19 12:12 -------- d-----w- c:\programdata\Malwarebytes 2015-07-19 12:12 . 2015-07-19 12:33 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-07-19 12:12 . 2015-07-19 12:12 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-07-19 12:09 . 2015-07-19 12:09 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-07-18 22:03 . 
2015-07-18 22:03 -------- d-----w- c:\users\Hans\AppData\Local\GWX 2015-07-17 21:25 . 2015-07-21 17:55 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-07-17 21:23 . 2015-07-17 21:23 -------- d-----w- c:\windows\CheckSur 2015-07-15 20:19 . 2015-07-15 20:20 -------- d-----w- C:\FRST 2015-07-15 19:16 . 2015-07-15 19:16 -------- d-----w- c:\users\Hans\AppData\Local\Diagnostics 2015-07-15 18:27 . 2015-07-15 18:27 -------- d-----w- c:\windows\Migration 2015-07-15 17:58 . 2015-07-09 17:58 37888 ----a-w- c:\windows\system32\wups2.dll 2015-07-15 17:55 . 2015-07-09 17:59 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe 2015-07-15 17:55 . 2015-07-09 17:58 726528 ----a-w- c:\windows\system32\generaltel.dll 2015-07-15 17:55 . 2015-07-09 17:58 765440 ----a-w- c:\windows\system32\invagent.dll 2015-07-15 17:55 . 2015-07-09 17:58 433664 ----a-w- c:\windows\system32\devinv.dll 2015-07-15 17:55 . 2015-07-09 17:58 1085440 ----a-w- c:\windows\system32\appraiser.dll 2015-07-15 17:55 . 2015-07-09 17:58 67584 ----a-w- c:\windows\system32\acmigration.dll 2015-07-15 17:55 . 2015-07-09 17:58 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-07-15 17:55 . 2015-07-09 17:50 1145856 ----a-w- c:\windows\system32\aeinv.dll 2015-07-15 17:55 . 2015-06-03 20:16 193536 ----a-w- c:\windows\system32\aepic.dll 2015-07-15 17:45 . 2015-06-11 17:56 1112576 ----a-w- c:\windows\system32\rdpcorets.dll 2015-07-15 17:45 . 2015-06-11 17:16 162816 ----a-w- c:\windows\system32\rdpudd.dll 2015-07-15 17:45 . 2015-06-11 17:15 20992 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2015-07-06 18:32 . 2015-07-06 18:32 -------- d-----w- c:\program files (x86)\Avira . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-07-20 20:07 . 2015-04-16 04:15 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2015-07-14 19:51 . 2015-04-15 18:22 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-07-14 19:51 . 
2015-04-15 18:22 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-06-10 11:49 . 2015-04-16 13:01 153256 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-06-10 11:49 . 2015-04-16 13:01 132656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2015-05-05 01:29 . 2015-05-13 13:47 342016 ----a-w- c:\windows\system32\schannel.dll 2015-05-05 01:12 . 2015-05-13 13:47 248832 ----a-w- c:\windows\SysWow64\schannel.dll 2015-05-01 13:17 . 2015-05-13 22:14 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-01 13:16 . 2015-05-13 22:14 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-04-27 19:28 . 2015-05-13 13:45 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-04-27 19:28 . 2015-05-13 13:45 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-04-27 19:28 . 2015-05-13 13:45 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2015-04-27 19:26 . 2015-05-13 13:45 1728960 ----a-w- c:\windows\system32\ntdll.dll 2015-04-27 19:23 . 2015-05-13 13:45 362496 ----a-w- c:\windows\system32\wow64win.dll 2015-04-27 19:23 . 2015-05-13 13:45 243712 ----a-w- c:\windows\system32\wow64.dll 2015-04-27 19:23 . 2015-05-13 13:45 215040 ----a-w- c:\windows\system32\winsrv.dll 2015-04-27 19:23 . 2015-05-13 13:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2015-04-27 19:23 . 2015-05-13 13:45 210944 ----a-w- c:\windows\system32\wdigest.dll 2015-04-27 19:23 . 2015-05-13 13:45 1254400 ----a-w- c:\windows\system32\diagtrack.dll 2015-04-27 19:23 . 2015-05-13 13:45 86528 ----a-w- c:\windows\system32\TSpkg.dll 2015-04-27 19:23 . 2015-05-13 13:45 879104 ----a-w- c:\windows\system32\tdh.dll 2015-04-27 19:23 . 2015-05-13 13:45 29184 ----a-w- c:\windows\system32\sspisrv.dll 2015-04-27 19:23 . 2015-05-13 13:45 136192 ----a-w- c:\windows\system32\sspicli.dll 2015-04-27 19:23 . 2015-05-13 13:45 503808 ----a-w- c:\windows\system32\srcore.dll 2015-04-27 19:23 . 
2015-05-13 13:45 50176 ----a-w- c:\windows\system32\srclient.dll 2015-04-27 19:23 . 2015-05-13 13:45 28160 ----a-w- c:\windows\system32\secur32.dll 2015-04-27 19:23 . 2015-05-13 13:45 113664 ----a-w- c:\windows\system32\sechost.dll 2015-04-27 19:23 . 2015-05-13 13:45 314880 ----a-w- c:\windows\system32\msv1_0.dll 2015-04-27 19:23 . 2015-05-13 13:45 309760 ----a-w- c:\windows\system32\ncrypt.dll 2015-04-27 19:23 . 2015-05-13 13:45 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2015-04-27 19:23 . 2015-05-13 13:45 728064 ----a-w- c:\windows\system32\kerberos.dll 2015-04-27 19:23 . 2015-05-13 13:45 424448 ----a-w- c:\windows\system32\KernelBase.dll 2015-04-27 19:23 . 2015-05-13 13:45 1461760 ----a-w- c:\windows\system32\lsasrv.dll 2015-04-27 19:23 . 2015-05-13 13:45 1162752 ----a-w- c:\windows\system32\kernel32.dll 2015-04-27 19:23 . 2015-05-13 13:45 43520 ----a-w- c:\windows\system32\csrsrv.dll 2015-04-27 19:23 . 2015-05-13 13:45 22016 ----a-w- c:\windows\system32\credssp.dll 2015-04-27 19:23 . 2015-05-13 13:45 879104 ----a-w- c:\windows\system32\advapi32.dll 2015-04-27 19:22 . 2015-05-13 13:45 47104 ----a-w- c:\windows\system32\typeperf.exe 2015-04-27 19:22 . 2015-05-13 13:45 404992 ----a-w- c:\windows\system32\tracerpt.exe 2015-04-27 19:22 . 2015-05-13 13:45 112640 ----a-w- c:\windows\system32\smss.exe 2015-04-27 19:22 . 2015-05-13 13:45 296960 ----a-w- c:\windows\system32\rstrui.exe 2015-04-27 19:22 . 2015-05-13 13:45 43008 ----a-w- c:\windows\system32\relog.exe 2015-04-27 19:22 . 2015-05-13 13:45 31232 ----a-w- c:\windows\system32\lsass.exe 2015-04-27 19:22 . 2015-05-13 13:45 104448 ----a-w- c:\windows\system32\logman.exe 2015-04-27 19:22 . 2015-05-13 13:45 19456 ----a-w- c:\windows\system32\diskperf.exe 2015-04-27 19:22 . 2015-05-13 13:45 338432 ----a-w- c:\windows\system32\conhost.exe 2015-04-27 19:21 . 2015-05-13 13:45 64000 ----a-w- c:\windows\system32\auditpol.exe 2015-04-27 19:18 . 
2015-05-13 13:45 60416 ----a-w- c:\windows\system32\msobjs.dll 2015-04-27 19:18 . 2015-05-13 13:45 146432 ----a-w- c:\windows\system32\msaudite.dll 2015-04-27 19:16 . 2015-05-13 13:45 6656 ----a-w- c:\windows\system32\apisetschema.dll 2015-04-27 19:16 . 2015-05-13 13:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-27 19:16 . 
2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-27 19:16 . 2015-05-13 13:45 686080 ----a-w- c:\windows\system32\adtschema.dll 2015-04-27 19:11 . 2015-05-13 13:45 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2015-04-27 19:11 . 2015-05-13 13:45 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2015-04-27 19:08 . 2015-05-13 13:45 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll 2015-04-27 19:05 . 2015-05-13 13:45 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2015-04-27 19:05 . 2015-05-13 13:45 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2015-04-27 19:05 . 2015-05-13 13:45 635392 ----a-w- c:\windows\SysWow64\tdh.dll 2015-04-27 19:05 . 2015-05-13 13:45 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2015-04-27 19:05 . 
2015-05-13 13:45 92160 ----a-w- c:\windows\SysWow64\sechost.dll 2015-04-27 19:05 . 2015-05-13 13:45 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2015-04-27 19:05 . 2015-05-13 13:45 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2015-04-27 19:05 . 2015-05-13 13:45 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll 2015-04-27 19:05 . 2015-05-13 13:45 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2015-04-27 19:04 . 2015-05-13 13:45 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2015-04-27 19:04 . 2015-05-13 13:45 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2015-04-27 19:04 . 2015-05-13 13:45 641536 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-04-27 19:04 . 2015-05-13 13:45 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-04-27 19:04 . 2015-05-13 13:45 40448 ----a-w- c:\windows\SysWow64\typeperf.exe 2015-04-27 19:04 . 2015-05-13 13:45 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe 2015-04-27 19:04 . 2015-05-13 13:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2015-04-27 19:04 . 2015-05-13 13:45 37888 ----a-w- c:\windows\SysWow64\relog.exe 2015-04-27 19:04 . 2015-05-13 13:45 82944 ----a-w- c:\windows\SysWow64\logman.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928] "Spotify Web Helper"="c:\users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-07-02 2030648] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="e:\programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176] "Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568] "avgnt"="e:\programme\Antivir\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048] "SL-6482 Gaming Keyboard"="e:\programme\Speedlink\Monitor.exe" [2014-04-21 1976832] "Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . R2 AntiVirMailService;Avira Email-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [x] R2 AntiVirWebService;Avira Browser-Schutz;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe;e:\programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Samsung Link Service;Samsung Link Service;e:\programme\Samsung link\Samsung Link\Samsung Link.exe;e:\programme\Samsung link\Samsung Link\Samsung Link.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Origin Client Service;Origin Client Service;e:\spiele\Origin\OriginClientService.exe;e:\spiele\Origin\OriginClientService.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe;e:\programme\Antivir\Avira\AntiVir Desktop\sched.exe [x] S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] . . Inhalt des "geplante Tasks" Ordners . 
2015-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 19:51] . . --------- X64 Entries ----------- . . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\ FF - prefs.js: browser.startup.homepage - google.de . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2984976~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3067904~31bf3856ad364e35~amd64~~6.1.1.2] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3070738~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000000 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0] @DACL=(02 0000) "ApplicabilityState"=dword:00000070 "CurrentState"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . e:\programme\Antivir\Avira\AntiVir Desktop\avguard.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-07-21 22:32:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-07-21 20:32 . 
Vor Suchlauf: 11 Verzeichnis(se), 20.134.416.384 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 20.068.728.832 Bytes frei . - - End Of File - - E78FDBEDEA50620CBEA0C7D3BF0A01DC A36C5E4F47E84449FF07ED3517B43A31 |
22.07.2015, 08:15 | #8 |
/// the machine /// TB trainer | Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
22.07.2015, 19:26 | #9 |
| Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error hi, mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 22.07.2015 Suchlauf-Zeit: 19:24:51 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.03.09.05 Rootkit Datenbank: v2015.07.22.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Hans Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 348309 Verstrichene Zeit: 5 Min, 15 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 22/07/2015 um 19:31:11 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-15.1 [Server] # Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64) # Benutzername : Hans - HANS-PC # Gestarted von : C:\Users\Hans\Desktop\Trojanerboard\AdwCleaner_4.208.exe # Option : Suchlauf ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKCU\Software\OCS Schlüssel Gefunden : [x64] HKCU\Software\OCS Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17909 -\\ Mozilla Firefox v37.0.1 (x86 de) [6tjlvua4.default] - Zeile Gefunden : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml"); ************************* AdwCleaner[R0].txt - [960 Bytes] - [22/07/2015 19:31:11] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1018 Bytes] ########## Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 22/07/2015 um 19:33:42 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-15.1 [Server] # Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64) # Benutzername : Hans - HANS-PC # Gestarted von : C:\Users\Hans\Desktop\Trojanerboard\AdwCleaner_4.208.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gelöscht : HKCU\Software\OCS ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17909 -\\ Mozilla Firefox v37.0.1 (x86 de) ************************* AdwCleaner[R0].txt - [1101 Bytes] - [22/07/2015 19:31:11] AdwCleaner[S0].txt - [850 Bytes] - [22/07/2015 19:33:42] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [908 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.1 (07.16.2015:1) OS: Windows 7 Ultimate x64 Ran by Hans on 22.07.2015 at 19:36:55,32 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22.07.2015 at 19:38:17,72 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015 Ran by Hans (administrator) on HANS-PC on 22-07-2015 20:21:38 Running from C:\Users\Hans\Desktop\Trojanerboard Loaded Profiles: Hans (Available Profiles: Hans) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) E:\Programme\Firefox\firefox.exe (Mozilla Corporation) E:\Programme\Firefox\plugin-container.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StartCCC] => E:\Programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc) HKLM-x32\...\Run: [avgnt] => E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => E:\Programme\Speedlink\Monitor.exe [1976832 2014-04-21] () HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [Spotify Web Helper] => C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-02] (Spotify Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-480132033-1698870507-4115585903-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] () Filter: video/mp4 - 
{20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9FA32E91-510A-484A-85BA-916FD69AD390}: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.2.0 -> E:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-images.xml [2015-05-31] FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-maps.xml [2015-05-31] FF Extension: WEB.DE MailCheck - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\mailcheck@web.de [2015-06-19] FF 
Extension: Adblock Extension Light - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{5abf955e-6e19-4611-84b3-c99c5117050d}.xpi [2015-07-22] FF Extension: Gutscheinaffe - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-04-16] FF Extension: {b31b7e5f-973b-4323-bc83-37ee7c836f65} - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{b31b7e5f-973b-4323-bc83-37ee7c836f65}.xpi [2015-04-16] FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15] StartMenuInternet: FIREFOX.EXE - E:\Programme\Firefox\firefox.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; E:\Programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; E:\Programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. 
KG) S2 MBAMService; C:\Users\Hans\Desktop\Trojanerboard\malewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-16] () S2 Samsung Link Service; E:\Programme\Samsung link\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-22 19:38 - 2015-07-22 19:38 - 00000704 _____ C:\Users\Hans\Desktop\JRT.txt 2015-07-22 19:24 - 2015-07-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-22 19:24 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-22 19:24 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 22:32 - 2015-07-21 22:32 - 00023337 _____ C:\ComboFix.txt 2015-07-21 21:52 - 2015-07-22 19:34 - 00001534 _____ C:\Windows\PFRO.log 2015-07-21 21:16 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-07-21 21:16 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-07-21 21:16 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-07-21 21:15 - 2015-07-21 22:32 - 00000000 ____D C:\Qoobox 2015-07-21 21:14 - 2015-07-21 22:29 - 00000000 ____D C:\Windows\erdnt 2015-07-20 19:20 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\fontsub.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-20 19:20 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-20 19:20 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-20 19:20 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-19 14:12 - 2015-07-22 19:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-19 14:12 - 2015-07-22 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-19 14:12 - 2015-07-21 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-19 14:09 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-19 12:51 - 2015-07-19 13:01 - 00058317 _____ C:\Users\Hans\Desktop\Neues Textdokument (2).txt 2015-07-19 00:03 - 2015-07-19 00:03 - 00000000 ____D C:\Users\Hans\AppData\Local\GWX 2015-07-17 23:25 - 2015-07-21 22:54 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-07-17 23:23 - 2015-07-17 23:23 - 00000000 ____D C:\Windows\CheckSur 2015-07-15 22:19 - 2015-07-22 20:21 - 00000000 ____D C:\FRST 2015-07-15 22:18 - 2015-07-15 22:18 - 00000000 _____ C:\Users\Hans\defogger_reenable 2015-07-15 22:09 - 2015-07-22 19:36 - 00000000 ____D C:\Users\Hans\Desktop\Trojanerboard 2015-07-15 21:05 - 2015-07-22 19:34 - 00000896 _____ C:\Windows\setupact.log 2015-07-15 21:05 - 2015-07-15 21:05 - 00000000 _____ C:\Windows\setuperr.log 2015-07-15 20:08 - 2015-07-15 20:13 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 20:08 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-07-15 20:08 - 2015-07-02 23:21 - 19877376 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 20:08 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 20:08 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 20:08 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 20:08 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 20:08 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 20:08 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 20:08 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 
2015-07-15 19:58 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 19:58 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 19:58 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 19:58 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 19:58 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 19:58 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 19:58 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 19:58 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 19:58 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 19:58 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 19:58 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 19:58 - 
2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 19:58 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 19:58 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 19:58 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 19:58 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 19:58 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 19:58 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 19:58 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 19:58 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 19:58 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 19:58 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 19:58 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 19:58 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 19:58 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 
2015-07-15 19:58 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 19:58 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 19:58 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 19:58 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 19:58 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 19:58 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 19:58 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 19:58 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 19:58 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 19:58 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 19:58 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 19:58 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 19:58 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 19:58 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 19:58 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 19:58 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 19:58 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 19:55 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) 
C:\Windows\system32\CompatTelRunner.exe 2015-07-15 19:55 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-15 19:55 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-15 19:55 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-15 19:55 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-07-15 19:48 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 19:48 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 19:48 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 19:48 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 19:48 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 19:48 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 19:48 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 19:48 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 19:48 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 19:48 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) 
C:\Windows\system32\consent.exe 2015-07-15 19:48 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 19:48 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 19:48 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 19:48 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 19:48 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 19:48 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 19:48 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 19:48 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 19:48 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-15 19:48 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 19:48 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 19:48 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-07-15 19:48 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-07-15 19:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-07-15 19:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-07-15 19:48 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-07-15 19:48 - 2015-04-29 
20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-07-15 19:48 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-07-15 19:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-07-15 19:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-07-15 19:48 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-07-15 19:48 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 19:48 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 19:48 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 19:48 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 19:48 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 19:48 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 19:48 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 19:48 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-15 19:48 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-07-15 19:48 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-07-15 19:48 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-07-15 19:45 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-07-15 19:45 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-07-15 19:45 - 2015-06-11 19:15 - 00020992 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-07-09 14:46 - 2015-07-09 14:46 - 00000087 _____ C:\Users\Hans\Desktop\Radlager wechsel.txt 2015-07-07 21:00 - 2015-07-07 20:52 - 03449045 _____ C:\Users\Hans\Desktop\Anhänge_20150707.zip 2015-07-07 20:54 - 2015-07-07 20:54 - 10368054 _____ C:\Users\Hans\Desktop\Neue Bitmap.bmp 2015-07-07 20:05 - 2015-07-07 20:06 - 00001086 _____ C:\Users\Hans\Desktop\querlenkergummilager.txt 2015-07-07 20:04 - 2015-07-07 20:04 - 00000501 _____ C:\Users\Hans\Desktop\Tankgeber einstellen.txt 2015-07-06 20:32 - 2015-07-06 20:32 - 00000000 ____D C:\Program Files (x86)\Avira ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-22 20:15 - 2009-07-14 06:45 - 00017456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-22 20:15 - 2009-07-14 06:45 - 00017456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-22 19:49 - 2015-04-15 20:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-22 19:40 - 2015-04-15 19:42 - 01925273 _____ C:\Windows\WindowsUpdate.log 2015-07-22 19:39 - 2009-07-14 19:58 - 00699092 _____ C:\Windows\system32\perfh007.dat 2015-07-22 19:39 - 2009-07-14 19:58 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-07-22 19:39 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-22 19:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-22 19:15 - 2015-04-16 15:06 - 00000000 ____D C:\Users\Hans\AppData\Roaming\vlc 2015-07-21 22:51 - 2015-04-15 21:04 - 00000000 ____D C:\ProgramData\Origin 2015-07-21 22:31 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-07-21 19:55 - 2015-04-16 06:15 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2015-07-21 19:33 - 2009-07-14 06:45 - 00296120 _____ 
C:\Windows\system32\FNTCACHE.DAT 2015-07-20 17:11 - 2015-04-16 20:24 - 00000000 ____D C:\Users\Hans\AppData\Roaming\TS3Client 2015-07-19 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-07-18 00:16 - 2015-04-18 14:14 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-18 00:16 - 2015-04-18 14:14 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-16 16:16 - 2009-07-14 07:08 - 00032130 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-15 22:18 - 2015-04-15 19:42 - 00000000 ____D C:\Users\Hans 2015-07-15 21:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-07-15 20:29 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-07-15 20:27 - 2015-04-16 14:50 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-15 20:27 - 2015-04-16 14:50 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-15 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-14 21:51 - 2015-04-15 20:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-14 21:51 - 2015-04-15 20:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-14 21:51 - 2015-04-15 20:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-13 22:15 - 2015-04-16 15:19 - 00000000 ____D C:\Users\Hans\AppData\Local\Spotify 2015-07-13 22:15 - 2015-04-16 15:18 - 00000000 ____D C:\Users\Hans\AppData\Roaming\Spotify 2015-07-13 19:29 - 2015-06-17 17:27 - 00000000 ____D C:\Users\Hans\AppData\Local\Microsoft Games 2015-07-07 19:28 - 2015-04-15 21:04 - 00000000 ____D C:\Users\Hans\AppData\Roaming\Raptr 2015-07-06 20:32 - 2015-04-16 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-07-06 20:32 - 2015-04-15 21:00 - 00000000 ____D C:\ProgramData\Package Cache ==================== Files in the root of some directories ======= 2015-05-17 14:50 - 2015-05-17 14:50 - 0007605 _____ () C:\Users\Hans\AppData\Local\Resmon.ResmonCfg 2015-04-16 
15:47 - 2015-04-16 15:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Hans\AppData\Local\Temp\avgnt.exe C:\Users\Hans\AppData\Local\Temp\Quarantine.exe C:\Users\Hans\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 21:48 ==================== End of log ============================ |
23.07.2015, 07:35 | #10 |
/// the machine /// TB-Ausbilder | Firewall cannot be enabled, error 0x6D9 + Wi-Fi icon error
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Extension: {b31b7e5f-973b-4323-bc83-37ee7c836f65} - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{b31b7e5f-973b-4323-bc83-37ee7c836f65}.xpi [2015-04-16]
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please run Windows Repair: Repairing Windows - how it's done - Guides
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
26.07.2015, 20:50 | #11 |
| Firewall cannot be enabled, error 0x6D9 + Wi-Fi icon error
Good evening, sorry that I am only replying now; I was on a business trip on Thursday and Friday. On Saturday the computer was then busy with the Windows/hard disk repair. After that, the firewall is running again and the Wi-Fi icon is also correct again.
fixlog.txt
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-07-2015
durchgeführt von Hans an 2015-07-25 18:34:14 Run:1
Gestartet von C:\Users\Hans\Desktop\Trojanerboard
Geladene Profile: Hans (Verfügbare Profile: Hans)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Extension: {b31b7e5f-973b-4323-bc83-37ee7c836f65} - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{b31b7e5f-973b-4323-bc83-37ee7c836f65}.xpi [2015-04-16]
Emptytemp:
*****************
Firefox newtab erfolgreich entfernt
C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{b31b7e5f-973b-4323-bc83-37ee7c836f65}.xpi => erfolgreich verschoben.
EmptyTemp: => 520 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 18:34:25 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015 durchgeführt von Hans (Administrator) auf HANS-PC (26-07-2015 21:52:26) Gestartet von C:\Users\Hans\Desktop\Trojanerboard Geladene Profile: Hans (Verfügbare Profile: Hans) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avshadow.exe (Spotify Ltd) C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) E:\Programme\AMD\ATI.ACE\Core-Static\MOM.exe () E:\Programme\Speedlink\Monitor.EXE (ATI Technologies Inc.) E:\Programme\AMD\ATI.ACE\Core-Static\CCC.exe () E:\Programme\Speedlink\OSD.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) E:\Programme\Firefox\firefox.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [StartCCC] => E:\Programme\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc) HKLM-x32\...\Run: [avgnt] => E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => E:\Programme\Speedlink\Monitor.exe [1976832 2014-04-21] () HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-480132033-1698870507-4115585903-1000\...\Run: [Spotify Web Helper] => C:\Users\Hans\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-02] (Spotify Ltd) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION HKU\S-1-5-21-480132033-1698870507-4115585903-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-480132033-1698870507-4115585903-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] () Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program 
Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Datei nicht gefunden Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Datei nicht gefunden Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & ' Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & ' Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9FA32E91-510A-484A-85BA-916FD69AD390}: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.2.0 -> E:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital 
Illusions CE AB) FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-images.xml [2015-05-31] FF SearchPlugin: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\searchplugins\google-maps.xml [2015-05-31] FF Extension: WEB.DE MailCheck - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\mailcheck@web.de [2015-06-19] FF Extension: Adblock Extension Light - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{5abf955e-6e19-4611-84b3-c99c5117050d}.xpi [2015-07-22] FF Extension: Gutscheinaffe - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-04-16] FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\6tjlvua4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15] StartMenuInternet: FIREFOX.EXE - E:\Programme\Firefox\firefox.exe ==================== Services (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; E:\Programme\Antivir\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; E:\Programme\Antivir\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. 
KG) S2 MBAMService; C:\Users\Hans\Desktop\Trojanerboard\malewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-16] () S2 Samsung Link Service; E:\Programme\Samsung link\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. 
KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-07-22 19:24 - 2015-07-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-22 19:24 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-22 19:24 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 22:32 - 2015-07-21 22:32 - 00023337 _____ C:\ComboFix.txt 2015-07-21 21:52 - 2015-07-26 01:26 - 00002136 _____ C:\Windows\PFRO.log 2015-07-21 21:16 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-07-21 21:16 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-07-21 21:16 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-07-21 21:16 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-07-21 21:15 - 2015-07-21 22:32 - 00000000 ____D C:\Qoobox 2015-07-21 
21:14 - 2015-07-21 22:29 - 00000000 ____D C:\Windows\erdnt 2015-07-20 19:20 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-20 19:20 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-20 19:20 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-20 19:20 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-20 19:20 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-20 19:20 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-19 14:12 - 2015-07-22 19:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-19 14:12 - 2015-07-22 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-19 14:12 - 2015-07-21 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-19 14:09 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-19 12:51 - 2015-07-19 13:01 - 00058317 _____ C:\Users\Hans\Desktop\Neues Textdokument (2).txt 2015-07-19 00:03 - 2015-07-19 00:03 - 00000000 ____D C:\Users\Hans\AppData\Local\GWX 2015-07-17 23:25 - 2015-07-22 20:44 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-07-17 23:23 - 2015-07-17 23:23 - 00000000 ____D C:\Windows\CheckSur 2015-07-15 22:19 - 2015-07-26 21:52 - 00000000 ____D C:\FRST 2015-07-15 22:18 - 
2015-07-15 22:18 - 00000000 _____ C:\Users\Hans\defogger_reenable 2015-07-15 22:09 - 2015-07-26 21:47 - 00000000 ____D C:\Users\Hans\Desktop\Trojanerboard 2015-07-15 21:05 - 2015-07-26 01:26 - 00001176 _____ C:\Windows\setupact.log 2015-07-15 21:05 - 2015-07-15 21:05 - 00000000 _____ C:\Windows\setuperr.log 2015-07-15 20:08 - 2015-07-15 20:13 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 20:08 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-07-15 20:08 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 20:08 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 20:08 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 20:08 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 20:08 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 20:08 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 20:08 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 20:08 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 20:08 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 20:08 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) 
C:\Windows\system32\wuaueng.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 19:58 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 19:58 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 19:58 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 19:58 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 19:58 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 19:58 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 19:58 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 19:58 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 
2015-07-15 19:58 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 19:58 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 19:58 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 19:58 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 19:58 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 19:58 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 19:58 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 19:58 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 19:58 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 19:58 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 19:58 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 19:58 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 19:58 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 19:58 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 19:58 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 19:58 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) 
C:\Windows\system32\inetcpl.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-17 14:50 - 2015-05-17 14:50 - 0007605 _____ () C:\Users\Hans\AppData\Local\Resmon.ResmonCfg
2015-04-16 15:47 - 2015-04-16 15:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Hans\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-07-13 21:48
==================== Ende von log ============================ |
27.07.2015, 07:46 | #12 |
/// the machine /// TB Trainer | Firewall cannot be activated, error 0x6D9 + Wi-Fi icon error

And the rest from above?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |