| |
| |||||||
Alles rund um Windows: Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existierenWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
27.07.2015, 10:12
| #1 |
 |  Problem: Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Hallo zusammen, ich habe seit heute das Problem, dass mein Outlook 2007 plötzlich 1-20 Mails versenden möchte, obwohl gar keine Mails existieren, die für einen Versand vorgesehen sind. Mein Virenscanner (Avira) hat keinerlei Warnungen ausgespuckt. Ich weiß nicht woran es liegen kann, dass Outlook auf einmal so selbstständig geworden ist. Bin für jede Hilfe dankbar. LG Daniel |
|
27.07.2015, 19:29
| #2 |
| /// the machine /// TB-Ausbilder    |  Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Anleitung / Hilfe hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
27.07.2015, 19:57
| #3 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Details Hi Schrauber,
__________________Danke für deine Hilfe hier die Codes: FRST FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Daniel (ATTENTION: der angemeldete Benutzer ist kein Administrator) auf DEEPTHOUGHT (27-07-2015 20:51:06)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel & Admin & LogMeInRemoteUser (Verfügbare Profile: Daniel & Admin & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> atiesrxx.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> TrustedInstaller.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dirmngr.exe
konnte nicht auf den Prozess zugreifen -> GREGsvc.exe
konnte nicht auf den Prozess zugreifen -> HAUPPA~1.EXE
konnte nicht auf den Prozess zugreifen -> UpdaterService.exe
konnte nicht auf den Prozess zugreifen -> ramaint.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> NOBuAgent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> USBS3S4Detection.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
konnte nicht auf den Prozess zugreifen -> LogMeIn.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> atieclxx.exe
konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> UNS.exe
konnte nicht auf den Prozess zugreifen -> LMIGuardianSvc.exe
konnte nicht auf den Prozess zugreifen -> hamachi-2.exe
konnte nicht auf den Prozess zugreifen -> LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
() C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
() C:\Program Files\BCL Technologies\ALLPDF 3\eptray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
konnte nicht auf den Prozess zugreifen -> PresentationFontCache.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> OnlineShieldService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe
(Awesomium Technologies) C:\Program Files (x86)\Steganos Online Shield\awesomium_process.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe
(Joyent, Inc) C:\Users\Daniel\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-02-07] (LogMeIn, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-06-24] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\Run: [Speedup_umh] => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [5860984 2012-02-20] (SlySoft, Inc.)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [Amazon Cloud Player] => C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [Dropbox Update] => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [Steganos VPN Local Proxy] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Run: [Steganos VPN Proxy Handler] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [75776 2015-07-08] (Steganos Software GmbH)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2011-11-03]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BCL ALLPDF Printer Monitor.lnk [2015-03-08]
ShortcutTarget: BCL ALLPDF Printer Monitor.lnk -> C:\Program Files\BCL Technologies\ALLPDF 3\eptray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-11-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk [2011-11-03]
ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-11-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
AutoConfigURL: [S-1-5-21-1088146415-38023645-2323927296-1000] => hxxp://127.0.0.1:8446/sos.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
URLSearchHook: [S-1-5-21-1088146415-38023645-2323927296-1001] ATTENTION ==> Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-1088146415-38023645-2323927296-1002] ATTENTION ==> Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=542&systemid=406&v=n11465-250&apn_uid=1153554523314747&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) -> {d1dac034-9fd9-4c13-a388-d2e10e57707f} -> C:\Program Files (x86)\ilividmoviestoolbar181\IE\searchresultsDx64.dll [2013-12-11] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: OfferMosquito -> {82B16A3D-F03E-4565-A532-666B219C9A53} -> C:\Users\Admin\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll [2014-01-23] (Bebo Media Ltd)
BHO-x32: Movies Toolbar (Dist. by Bandoo Media, Inc.) -> {d1dac034-9fd9-4c13-a388-d2e10e57707f} -> C:\Program Files (x86)\ilividmoviestoolbar181\IE\searchresultsDx.dll [2013-12-11] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\ilividmoviestoolbar181\IE\searchresultsDx64.dll [2013-12-11] ()
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - Keine Datei
Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\ilividmoviestoolbar181\IE\searchresultsDx.dll [2013-12-11] ()
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-1088146415-38023645-2323927296-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - Keine Datei
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: haufereader - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2CAADFF7-B477-4AF5-A003-8DEDB63B5FFE}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{79FEF043-A9D9-446C-B552-6F996BCEE660}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default
FF NewTab:
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://google.de/
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=542&systemid=406&v=n11465-250&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=1153554523314747&o=APN10645&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-27] ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\searchplugins\Ask.xml [2014-02-06]
FF Extension: Avira Browser Safety - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\abs@avira.com [2015-07-27]
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-07-27]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} [2014-02-06]
FF Extension: Ask New Tabs - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1} [2014-02-22]
FF Extension: ProxTube - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Kein Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\Daniel\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx [2012-09-20]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [602624 2010-03-29] (Hauppauge Computer Works) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-07-27] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-02-07] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [345136 2015-07-09] (Steganos Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-27 10:59 - 2015-07-27 20:51 - 00031932 _____ C:\Users\Daniel\Downloads\FRST.txt
2015-07-27 10:59 - 2015-07-27 20:51 - 00000000 ____D C:\FRST
2015-07-27 10:59 - 2015-07-27 11:01 - 00041945 _____ C:\Users\Daniel\Downloads\Addition.txt
2015-07-27 10:57 - 2015-07-27 10:58 - 02146816 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2015-07-27 09:39 - 2015-07-27 09:39 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steganos
2015-07-27 09:35 - 2015-07-27 09:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos VPN
2015-07-27 09:35 - 2015-07-27 09:35 - 00001133 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-07-27 09:35 - 2015-07-27 09:35 - 00000000 ____D C:\Users\Public\Speedup Sessions
2015-07-27 09:35 - 2015-07-27 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-07-27 09:34 - 2015-07-27 09:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos
2015-07-27 09:32 - 2015-07-27 09:32 - 00001123 _____ C:\Users\Public\Desktop\Steganos Online Shield.lnk
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\Program Files (x86)\Steganos Online Shield
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-27 03:25 - 2015-07-27 03:25 - 00000022 _____ C:\Windows\S.dirmngr
2015-07-26 12:38 - 2015-07-26 12:38 - 00000000 ____D C:\Users\Daniel\AppData\Local\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\Program Files\Microsoft Research
2015-07-26 12:28 - 2015-07-26 12:33 - 07195928 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x64.exe
2015-07-26 12:28 - 2015-07-26 12:33 - 06505592 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x86.exe
2015-07-26 12:28 - 2015-07-26 12:30 - 01422408 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_arm.exe
2015-07-26 12:22 - 2015-07-26 12:25 - 07963136 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-64-bit-Windows.msi
2015-07-26 12:15 - 2015-07-26 12:18 - 07440896 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-32-bit-Windows.msi
2015-07-26 07:03 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-26 07:03 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-26 07:03 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-26 07:03 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-26 07:03 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-26 07:03 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-26 07:03 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-26 07:03 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-26 07:03 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-26 07:03 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-26 07:03 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-26 07:03 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-26 07:03 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-26 07:03 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-26 07:03 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-26 07:03 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-26 07:03 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-26 07:03 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-26 07:03 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-26 07:03 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-26 07:03 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-26 07:03 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-26 07:03 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-26 07:03 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-26 07:03 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-26 07:03 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-26 06:57 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-26 06:57 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-26 06:57 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-26 06:57 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-26 06:57 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-26 06:57 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-26 06:57 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-26 06:57 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-26 06:29 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-26 06:29 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-26 06:29 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-26 06:29 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-26 06:29 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-26 06:28 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-26 06:28 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-26 06:28 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-26 06:28 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-26 06:28 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-26 06:17 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-26 06:17 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-26 06:16 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-26 06:16 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-26 06:16 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-26 06:16 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-26 06:16 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-26 06:16 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-26 06:16 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-26 06:16 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-26 06:16 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-26 06:16 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-26 06:16 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-26 06:16 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-26 06:16 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-26 06:16 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-26 06:16 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-26 06:16 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-26 06:16 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-26 06:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-26 02:28 - 2015-07-26 02:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-07 22:40 - 2015-07-26 00:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 10:33 - 2015-07-07 10:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\{4BAEA186-020B-4086-B44A-FF6BF01F00F6}
2015-06-30 12:58 - 2015-06-30 12:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00001063 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-06-30 12:51 - 2015-06-30 12:51 - 01198368 _____ C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe
2015-06-30 12:24 - 2015-06-30 12:24 - 00493636 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.rar
2015-06-30 12:22 - 2015-06-30 12:22 - 00522576 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.pages
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-27 20:46 - 2012-10-21 10:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-27 20:05 - 2015-06-19 10:09 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job
2015-07-27 20:03 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-27 20:03 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-27 20:00 - 2011-11-02 14:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-27 14:26 - 2011-08-05 18:38 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-07-27 14:26 - 2011-08-05 18:38 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-07-27 14:26 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 11:07 - 2011-08-30 19:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Microsoft Help
2015-07-27 10:50 - 2011-08-30 14:55 - 00117064 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 10:34 - 2011-08-10 16:29 - 01479692 _____ C:\Windows\WindowsUpdate.log
2015-07-27 09:43 - 2014-03-29 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-07-27 09:43 - 2012-10-03 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-07-27 09:43 - 2011-11-03 01:02 - 00000000 ____D C:\Windows\Minidump
2015-07-27 09:36 - 2013-10-14 15:57 - 00117064 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 09:35 - 2013-08-19 22:50 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-27 09:08 - 2013-10-14 15:56 - 00000000 ____D C:\Users\Admin
2015-07-27 09:03 - 2014-08-28 12:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\LogMeIn Hamachi
2015-07-27 09:03 - 2013-11-11 18:21 - 00000000 ___RD C:\Users\Daniel\Dropbox
2015-07-27 09:03 - 2013-11-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
2015-07-27 09:03 - 2012-03-01 13:40 - 00000040 ___SH C:\ProgramData\.zreglib
2015-07-27 09:03 - 2011-11-02 14:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-27 09:03 - 2011-08-30 16:30 - 00000000 ____D C:\ProgramData\clear.fi
2015-07-27 04:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-27 03:50 - 2014-08-28 13:11 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-07-27 03:50 - 2014-08-28 13:10 - 00000992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-07-27 03:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 03:25 - 2009-07-14 06:45 - 00434424 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-27 03:22 - 2014-12-10 04:19 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-27 03:22 - 2014-04-30 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-27 03:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-27 03:05 - 2011-08-30 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-27 02:05 - 2015-06-19 10:09 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job
2015-07-27 01:52 - 2012-10-21 10:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-27 01:52 - 2011-09-02 17:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-27 00:40 - 2014-08-28 13:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-07-27 00:37 - 2014-08-28 13:10 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-07-27 00:34 - 2014-08-28 12:56 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-26 18:10 - 2011-09-01 22:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-07-26 17:30 - 2013-11-25 14:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-07-26 12:37 - 2014-08-05 11:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-26 03:06 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-26 03:00 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-26 00:33 - 2012-07-13 13:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 11:44 - 2014-09-05 22:34 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-10 09:48 - 2013-11-11 18:15 - 00008243 _____ C:\Windows\wininit.ini
2015-07-07 17:28 - 2014-04-30 11:00 - 00000000 ____D C:\Users\Daniel\Desktop\TSGHomepage
2015-07-06 11:44 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-01 09:31 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Avira
2015-07-01 09:31 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 21:32 - 2015-01-21 19:58 - 00000000 ____D C:\Users\Daniel\Desktop\TSG Jugendwart
2015-06-30 13:08 - 2013-08-17 20:39 - 00000000 ____D C:\Users\Daniel\Desktop\Patricia
2015-06-30 11:40 - 2015-02-25 10:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Snz
2015-06-27 17:12 - 2012-05-30 19:52 - 00000000 ____D C:\Users\Daniel\Documents\Steuer
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-06-27 17:35 - 2012-06-27 17:35 - 0003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-01 13:40 - 2015-07-27 09:03 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-08-10 17:09 - 2011-08-10 17:11 - 0014802 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-03-16 14:39 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-02-16 12:59 - 2014-04-24 16:11 - 0013764 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqyzeeu.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
==================== Ende von log ============================
Addition: [CODE]Zusätzliches FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Daniel an 2015-07-27 20:53:33
Gestartet von C:\Users\Daniel\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-1088146415-38023645-2323927296-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1088146415-38023645-2323927296-500 - Administrator - Disabled)
Daniel (S-1-5-21-1088146415-38023645-2323927296-1000 - Limited - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-1088146415-38023645-2323927296-501 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-1088146415-38023645-2323927296-1002 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0225.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acoustica MP3 To Wave Converter PLUS (HKLM-x32\...\Acoustica MP3 To Wave Converter PLUS) (Version: 2.5 - Acoustica, Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Amazon Amazon Cloud Player) (Version: 2.2.0.399 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.0.0 - SlySoft)
ATI AVIVO64 Codecs (Version: 11.6.0.10218 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B64BEED7-3DC2-53FF-6FDC-D8B636B585A4}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.10.1246 - Avira Operations GmbH & Co. KG)
B109a-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
BCL ALLPDF Converter 3.0 (HKLM\...\{67FBF90D-1D1A-410B-956A-E7A8778A9223}) (Version: 3.0.8 - BCL Technologies)
BCL easyPDF Printer 6 (HKLM\...\{8EAF3C82-921D-47E1-8685-B36B4E6B5039}) (Version: 6.3.17 - BCL Technologies)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.0.7 - BlueJ Team)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3007 - Acer Incorporated)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.0 - CLIQZ.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
DynaGeo 3.8c (HKLM-x32\...\DynaGeo_is1) (Version: - Roland Mechling)
E.M. Free Photo Collage 1.30 (HKLM-x32\...\E.M. Free Photo Collage 1.30_is1) (Version: - EffectMatrix, Inc.)
E.M. Multilayer Image Processing SDK 1.30 (HKLM-x32\...\E.M. Multilayer Image Processing SDK 1.30_is1) (Version: - EffectMatrix, Inc.)
Epson Benutzerhandbuch WF-2540 Series (HKLM-x32\...\WF-2540 Series Useg) (Version: - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2540 Series (HKLM-x32\...\WF-2540 Series Netg) (Version: - )
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Studio version 5.7.4.918 (HKLM-x32\...\Free Studio_is1) (Version: 5.7.4.918 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.31.917 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.31.917 - DVDVideoSoft Ltd.)
Funktionenplotter 15.1 (HKLM-x32\...\Der ultimative Funktionenplotter_is1) (Version: 15.1 - Werner Brandes)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeoGebra (HKLM-x32\...\GeoGebra) (Version: 4.0.16.0 - International GeoGebra Institute)
Google Chrome Frame (HKLM-x32\...\{8618AE04-1210-3C32-A8C3-45A5E44CD340}) (Version: 65.169.107 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
Haufe iDesk-Browser (HKLM-x32\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Browser (HKLM-x32\...\{56FDB311-6511-11DE-832F-0050560400B1}) (Version: 9.06.30.7144 - Haufe)
Haufe iDesk-Service (HKLM-x32\...\{27F10580-E040-11DF-8C28-005056B12123}) (Version: 10.10.25.7810 - Haufe)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: 7.0.28130 - Hauppauge Computer Works)
Hauppauge WinTV Infrared Remote (HKLM-x32\...\Hauppauge WinTV Infrared Remote) (Version: 2.66.28078 - Hauppauge Computer Works, Inc.)
HP Photosmart B109a-m All-in-One Driver 14.0 Rel. 6 (HKLM\...\{A253A57F-4319-49B5-B405-64587FFBCFE2}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170050}) (Version: 1.7.0.50 - Oracle)
Java(TM) 6 Update 2 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaFX 2.1.1 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Klett Begleit-CD LS NW 8 (HKLM-x32\...\Klett Begleit-CD LS NW 8) (Version: - )
Konz 2012 (HKLM-x32\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM)
Konz 2012 (x32 Version: 1.00.0000 - USM) Hidden
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
LOCAD2004 (HKLM-x32\...\LOCAD2004) (Version: - )
LogMeIn (HKLM-x32\...\{9905E4C1-14D8-4522-88FE-FD00B51A20DC}) (Version: 4.1.4408 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
LyX 2.1.1 (Installiert für den aktuellen Benutzer) (HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\LyX211) (Version: 2.1.1 - LyX Team)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181FF) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181IE) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 7.0.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Reise nach Nordland (HKLM-x32\...\Reise nach Nordland) (Version: - )
ROBOPro (fischertechnik) Programm (HKU\S-1-5-21-1088146415-38023645-2323927296-1000\...\ROBOProFischertechnik) (Version: - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.4.16 - Steganos Software GmbH)
Steuer 2007 (HKLM-x32\...\{5E8C42DD-7E43-462C-84CC-99E5BBE3E101}) (Version: 14.00 - Lexware)
Steuer 2007 (x32 Version: 14.00 - Lexware) Hidden
Steuer 2008 (HKLM-x32\...\{6181E138-C21C-471C-9238-F2F59C314C6C}) (Version: 15.00.00.0033 - Lexware)
Steuer 2008 (x32 Version: 15.00.00.0033 - Lexware) Hidden
Steuer 2009 (HKLM-x32\...\{410AB9BC-B057-4D39-9260-660EE1B4BED2}) (Version: 16.00.00.0039 - Lexware GmbH & Co. KG)
Steuer 2010 (HKLM-x32\...\{4B526075-AF27-47A2-860D-3DA92928A051}) (Version: 17.00.00.0062 - Haufe-Lexware GmbH & Co.KG)
Steuer 2011 (HKLM-x32\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH)
Steuer Hilfesammlung (HKLM-x32\...\{67DABCB4-239C-4E02-805E-DEA0DDCB1926}) (Version: 15.0.0.0 - Haufe Mediengruppe)
Steuer Hilfesammlung (HKLM-x32\...\{B754B683-E23C-4583-9312-50AD86836B42}) (Version: 14.0.0.0 - Haufe Mediengruppe)
Steuer-Hilfesammlung 2009 (HKLM-x32\...\{C3542652-4C59-4A96-982A-06EBB3F47819}) (Version: 16.0.0.0 - Haufe Mediengruppe)
Steuer-Hilfesammlung 2010 (HKLM-x32\...\{3BEFC315-7F74-4F71-B704-2CAF4DC046BB}) (Version: 17.0.0.0 - Haufe-Lexware GmbH & Co. KG)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
VSO Downloader 2.9.6.6 (HKLM-x32\...\{DB70FB55-1515-4C75-95C8-FFBD5FE041F8}_is1) (Version: 2.9.6.6 - VSO Software)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
ATTENTION: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-09-22 08:48 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-10 19:43 - 2013-12-12 21:56 - 03145536 _____ () C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2011-07-07 15:55 - 2011-07-07 15:55 - 02364416 _____ () C:\Program Files\BCL Technologies\ALLPDF 3\eptray.exe
2011-06-17 18:07 - 2011-06-17 18:07 - 00831488 _____ () C:\Program Files\Common Files\BCL Technologies\ALLPDF6\bepprint.dll
2011-02-18 18:36 - 2011-02-18 18:36 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-08-26 14:51 - 2010-08-26 14:51 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-03 13:14 - 2010-04-10 04:21 - 00022528 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2015-07-27 09:03 - 2015-07-27 09:03 - 00043008 ____N () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqyzeeu.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-06-30 12:57 - 2015-06-24 10:37 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-06-30 12:57 - 2015-06-24 10:37 - 00051232 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-03-29 00:59 - 2014-03-29 00:59 - 01100784 _____ () C:\Program Files (x86)\Steganos Online Shield\avcodec-53.dll
2014-03-29 00:59 - 2014-03-29 00:59 - 00124400 _____ () C:\Program Files (x86)\Steganos Online Shield\avutil-51.dll
2014-03-29 00:59 - 2014-03-29 00:59 - 00191984 _____ () C:\Program Files (x86)\Steganos Online Shield\avformat-53.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Daniel\Desktop\Plakat (klein) – Party.pages:com.dropbox.attributes
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1088146415-38023645-2323927296-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{02B923C1-9327-47B0-AF8B-69C1A1630BC8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7691D91E-AF89-4F9A-83FD-8B878D1F5FCE}] => (Allow) LPort=2869
FirewallRules: [{6A6DA178-35FD-4264-BD36-2339129E44EC}] => (Allow) LPort=1900
FirewallRules: [{B0868073-8BAB-477D-BC8E-FFFF71F9323C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FCC3BBCF-6D41-4928-8324-2C767C582FC7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{FBFB6F42-D0FF-49F4-A366-7D02CEE168A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{67D720A8-5A4C-40AE-8811-436757F73244}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{33C280C0-43C8-4147-BA6B-F8C0A53BBE72}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{2EF80DC0-937A-4361-A338-F9BDDB39ECED}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{5566B57F-4403-4A3B-8E98-0817C81E6CB5}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{B5D3F706-9866-4A84-98D2-7F755EF0D2A9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E84536E6-E502-417E-8836-CF17CC35267F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E60AA6F0-D274-45D0-A76E-9F143CA972AF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{45385446-F846-435F-A3B1-4CA01BBE66CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C39DA0BE-5275-4486-A006-2F9691F6B988}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{16555E27-C525-40F3-8AB0-7E35FA30F939}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5A0D4804-B68E-4DC2-AFA2-18477B15FA0D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{6E6620CF-6380-497D-BEE1-ECFB7994015A}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{AA57A6B7-EEF8-4A44-80D1-2941DCB9C2AF}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7D8F0041-B7FC-4C55-932F-1CA617C8AEDD}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe
FirewallRules: [{485E5BFA-FDFF-4180-A530-63E1FCF11E94}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe
FirewallRules: [TCP Query User{8C9F6752-04A3-45D2-8B0B-7F70A917537C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{EDF77D42-BFB0-4554-8918-77853ED8C7C7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{5E69BDB9-3C20-4F99-B623-33920D241C51}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7892101A-69A7-4082-99FE-28A91AA69320}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{059EA238-FD09-4EE6-A4A7-136B8B833FFD}] => (Allow) C:\Program Files (x86)\ilividmoviestoolbar181\IE\dtuser.exe
FirewallRules: [{1CA65920-D482-4EE9-8B26-A95E9F74D671}] => (Allow) C:\Program Files (x86)\ilividmoviestoolbar181\IE\dtuser.exe
FirewallRules: [TCP Query User{C07C451F-0DCE-49AF-8B51-AF5928C28DF2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{EC465FE8-256C-4A3D-939E-4D43A599D29B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{E47638F2-0299-4751-81E8-1E18EC4E2A82}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3AF29F1A-F126-4C79-9EE0-F5D74E1BEFD0}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{7D01E60B-924E-44BF-B174-1AB4B0C18C91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{706D5D51-0D26-46EE-94DC-F6A64ACE8CB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9D58F428-DB54-49E6-A5B2-2F67C79D6894}C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe] => (Allow) C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe
FirewallRules: [UDP Query User{323D7378-2532-4122-8030-F14488562634}C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe] => (Allow) C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/27/2015 09:36:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Name des fehlerhaften Moduls: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003f68a
ID des fehlerhaften Prozesses: 0x1760
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3
Error: (07/27/2015 03:26:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:11:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/26/2015 12:32:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/26/2015 02:19:45 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/26/2015 12:48:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 12:34:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/11/2015 03:09:00 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/10/2015 12:11:04 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/05/2015 12:40:32 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Systemfehler:
=============
Error: (07/27/2015 09:35:26 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (07/27/2015 03:50:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (07/27/2015 03:25:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (07/26/2015 12:47:53 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (07/26/2015 12:33:49 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (07/01/2015 09:31:49 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (06/11/2015 03:23:11 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
Error: (06/07/2015 08:38:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (06/07/2015 08:33:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4C785741-7F95-4309-B372-41BF7CD4804C}
Error: (06/06/2015 08:38:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Microsoft Office:
=========================
Error: (03/06/2015 09:03:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 132335 seconds with 4020 seconds of active time. This session ended with a crash.
Error: (02/11/2015 08:30:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1340453 seconds with 660 seconds of active time. This session ended with a crash.
Error: (02/04/2015 06:25:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 728136 seconds with 780 seconds of active time. This session ended with a crash.
Error: (11/18/2014 05:22:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 86841 seconds with 120 seconds of active time. This session ended with a crash.
Error: (11/20/2013 08:46:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 210 seconds with 0 seconds of active time. This session ended with a crash.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 39%
Total physical RAM: 8174.47 MB
Available physical RAM: 4928.13 MB
Total Virtual: 16347.15 MB
Available Virtual: 12559.64 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:457.45 GB) (Free:327.31 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.96 GB) (Free:457.86 GB) NTFS
Drive i: () (Removable) (Total:14.83 GB) (Free:4.37 GB) FAT32
Drive l: (Iomega_HDD) (Fixed) (Total:931.51 GB) (Free:265.61 GB) NTFS
Drive m: (Elements) (Fixed) (Total:931.51 GB) (Free:517.16 GB) NTFS
==================== MBR & Partition Table ==================
==================== Ende von log ============================
Hoffe es ist alles was du brauchst  LG Daniel ps ich kann mich auch zum Administrator auf meinem Rechner machen. Schreibe gerade nur unter einem anderen Account. |
|
28.07.2015, 11:13
| #4 |
| /// the machine /// TB-Ausbilder | Lösung: Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Ja bitte, unsere Tools brauchen immer Adminrechte. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.07.2015, 12:25
| #5 |
| | Wie Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Hey Schrauber, danke für die ausführliche Antwort hier nun meine Ergebnisse: Hier der mbar log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.07.28.02
rootkit: v2015.07.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Admin :: DEEPTHOUGHT [administrator]
28.07.2015 13:00:22
mbar-log-2015-07-28 (13-00-22).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 468216
Time elapsed: 15 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSSKiller war ohne Ergebnis: Code:
ATTFilter 13:21:10.0467 0x10cc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:21:14.0096 0x10cc ============================================================
13:21:14.0096 0x10cc Current date / time: 2015/07/28 13:21:14.0096
13:21:14.0096 0x10cc SystemInfo:
13:21:14.0096 0x10cc
13:21:14.0096 0x10cc OS Version: 6.1.7601 ServicePack: 1.0
13:21:14.0096 0x10cc Product type: Workstation
13:21:14.0096 0x10cc ComputerName: DEEPTHOUGHT
13:21:14.0097 0x10cc UserName: Admin
13:21:14.0097 0x10cc Windows directory: C:\Windows
13:21:14.0097 0x10cc System windows directory: C:\Windows
13:21:14.0097 0x10cc Running under WOW64
13:21:14.0097 0x10cc Processor architecture: Intel x64
13:21:14.0097 0x10cc Number of processors: 4
13:21:14.0097 0x10cc Page size: 0x1000
13:21:14.0097 0x10cc Boot type: Normal boot
13:21:14.0097 0x10cc ============================================================
13:21:14.0317 0x10cc KLMD registered as C:\Windows\system32\drivers\01501971.sys
13:21:14.0661 0x10cc System UUID: {8A0F3218-796C-B24D-841D-D3E3A8E1871C}
13:21:14.0957 0x10cc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:21:14.0962 0x10cc Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:21:14.0967 0x10cc Drive \Device\Harddisk4\DR4 - Size: 0x3B5980000 ( 14.84 Gb ), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:21:14.0973 0x10cc Drive \Device\Harddisk7\DR7 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:21:14.0985 0x10cc ============================================================
13:21:14.0985 0x10cc \Device\Harddisk0\DR0:
13:21:14.0986 0x10cc MBR partitions:
13:21:14.0986 0x10cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
13:21:14.0986 0x10cc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x392E7000
13:21:14.0986 0x10cc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B319800, BlocksNum 0x393EC800
13:21:14.0986 0x10cc \Device\Harddisk1\DR1:
13:21:14.0986 0x10cc MBR partitions:
13:21:14.0986 0x10cc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:21:14.0986 0x10cc \Device\Harddisk4\DR4:
13:21:14.0987 0x10cc MBR partitions:
13:21:14.0987 0x10cc \Device\Harddisk4\DR4\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DAAC00
13:21:14.0987 0x10cc \Device\Harddisk7\DR7:
13:21:14.0988 0x10cc MBR partitions:
13:21:14.0988 0x10cc \Device\Harddisk7\DR7\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747065B0
13:21:14.0988 0x10cc ============================================================
13:21:15.0001 0x10cc C: <-> \Device\Harddisk0\DR0\Partition2
13:21:15.0030 0x10cc D: <-> \Device\Harddisk0\DR0\Partition3
13:21:15.0048 0x10cc L: <-> \Device\Harddisk1\DR1\Partition1
13:21:15.0051 0x10cc M: <-> \Device\Harddisk7\DR7\Partition1
13:21:15.0051 0x10cc ============================================================
13:21:15.0051 0x10cc Initialize success
13:21:15.0051 0x10cc ============================================================
13:21:33.0503 0x2d34 ============================================================
13:21:33.0503 0x2d34 Scan started
13:21:33.0503 0x2d34 Mode: Manual;
13:21:33.0503 0x2d34 ============================================================
13:21:33.0503 0x2d34 KSN ping started
13:21:36.0289 0x2d34 KSN ping finished: true
13:21:37.0055 0x2d34 ================ Scan system memory ========================
13:21:37.0055 0x2d34 System memory - ok
13:21:37.0055 0x2d34 ================ Scan services =============================
13:21:37.0171 0x2d34 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:21:37.0180 0x2d34 1394ohci - ok
13:21:37.0239 0x2d34 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:21:37.0250 0x2d34 ACPI - ok
13:21:37.0265 0x2d34 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:21:37.0267 0x2d34 AcpiPmi - ok
13:21:37.0361 0x2d34 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:21:37.0370 0x2d34 AdobeFlashPlayerUpdateSvc - ok
13:21:37.0409 0x2d34 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:21:37.0424 0x2d34 adp94xx - ok
13:21:37.0447 0x2d34 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:21:37.0453 0x2d34 adpahci - ok
13:21:37.0466 0x2d34 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:21:37.0470 0x2d34 adpu320 - ok
13:21:37.0503 0x2d34 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:21:37.0506 0x2d34 AeLookupSvc - ok
13:21:37.0568 0x2d34 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
13:21:37.0581 0x2d34 AFD - ok
13:21:37.0633 0x2d34 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AGERESoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
13:21:37.0667 0x2d34 AGERESoftModem - ok
13:21:37.0693 0x2d34 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
13:21:37.0695 0x2d34 agp440 - ok
13:21:37.0717 0x2d34 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
13:21:37.0721 0x2d34 ALG - ok
13:21:37.0744 0x2d34 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
13:21:37.0746 0x2d34 aliide - ok
13:21:37.0787 0x2d34 [ B9C8770F3061582DA3F9AB39071DEE37, 058C948F10B54EBDB95025A9EAC55F45CF3616BA834A1733B80A269E4ADF391B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:21:37.0794 0x2d34 AMD External Events Utility - ok
13:21:37.0815 0x2d34 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
13:21:37.0817 0x2d34 amdide - ok
13:21:37.0826 0x2d34 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:21:37.0830 0x2d34 AmdK8 - ok
13:21:38.0098 0x2d34 [ 31D7999C389C7F1EFFD4B861B64ECAA9, 50D9EE9F3D85D65ED50A87C70284FA130348464C314960EFED4232787016C7C8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:21:38.0337 0x2d34 amdkmdag - ok
13:21:38.0356 0x2d34 [ 48E49CB63CB14E1A6EE80A14381213B0, 7A150F1D8B8C9FD5BFAB76C8999AD08F0771DE9D824D64F829B04E09CE29EB33 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:21:38.0362 0x2d34 amdkmdap - ok
13:21:38.0373 0x2d34 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:21:38.0376 0x2d34 AmdPPM - ok
13:21:38.0401 0x2d34 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:21:38.0404 0x2d34 amdsata - ok
13:21:38.0423 0x2d34 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:21:38.0430 0x2d34 amdsbs - ok
13:21:38.0442 0x2d34 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:21:38.0443 0x2d34 amdxata - ok
13:21:38.0568 0x2d34 [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
13:21:38.0585 0x2d34 AntiVirMailService - ok
13:21:38.0657 0x2d34 [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:21:38.0697 0x2d34 AntiVirSchedulerService - ok
13:21:38.0742 0x2d34 [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:21:38.0752 0x2d34 AntiVirService - ok
13:21:38.0792 0x2d34 [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:21:38.0826 0x2d34 AntiVirWebService - ok
13:21:38.0867 0x2d34 [ 87C85800AD1C38933FDB8B6DF1E250FA, 37F69A1CB0E4D5125973DAA391934ABAA9F4CA3F91739A44472E12EABCD93E9E ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
13:21:38.0872 0x2d34 AnyDVD - ok
13:21:38.0919 0x2d34 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
13:21:38.0922 0x2d34 AppID - ok
13:21:38.0933 0x2d34 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:21:38.0935 0x2d34 AppIDSvc - ok
13:21:38.0977 0x2d34 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
13:21:38.0981 0x2d34 Appinfo - ok
13:21:38.0998 0x2d34 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
13:21:39.0002 0x2d34 arc - ok
13:21:39.0017 0x2d34 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:21:39.0020 0x2d34 arcsas - ok
13:21:39.0135 0x2d34 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:21:39.0137 0x2d34 aspnet_state - ok
13:21:39.0152 0x2d34 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:21:39.0154 0x2d34 AsyncMac - ok
13:21:39.0191 0x2d34 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
13:21:39.0193 0x2d34 atapi - ok
13:21:39.0238 0x2d34 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:21:39.0243 0x2d34 AtiHDAudioService - ok
13:21:39.0276 0x2d34 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:21:39.0293 0x2d34 AudioEndpointBuilder - ok
13:21:39.0308 0x2d34 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:21:39.0319 0x2d34 AudioSrv - ok
13:21:39.0375 0x2d34 [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:21:39.0381 0x2d34 avgntflt - ok
13:21:39.0397 0x2d34 [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:21:39.0403 0x2d34 avipbb - ok
13:21:39.0489 0x2d34 [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:21:39.0495 0x2d34 Avira.ServiceHost - ok
13:21:39.0524 0x2d34 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:21:39.0526 0x2d34 avkmgr - ok
13:21:39.0567 0x2d34 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
13:21:39.0570 0x2d34 avnetflt - ok
13:21:39.0606 0x2d34 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:21:39.0611 0x2d34 AxInstSV - ok
13:21:39.0682 0x2d34 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:21:39.0697 0x2d34 b06bdrv - ok
13:21:39.0735 0x2d34 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:21:39.0743 0x2d34 b57nd60a - ok
13:21:39.0765 0x2d34 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:21:39.0770 0x2d34 BDESVC - ok
13:21:39.0789 0x2d34 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:21:39.0790 0x2d34 Beep - ok
13:21:39.0842 0x2d34 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
13:21:39.0861 0x2d34 BFE - ok
13:21:39.0914 0x2d34 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
13:21:39.0930 0x2d34 BITS - ok
13:21:39.0966 0x2d34 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:21:39.0968 0x2d34 blbdrive - ok
13:21:39.0983 0x2d34 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:21:39.0987 0x2d34 bowser - ok
13:21:40.0000 0x2d34 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:21:40.0001 0x2d34 BrFiltLo - ok
13:21:40.0016 0x2d34 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:21:40.0017 0x2d34 BrFiltUp - ok
13:21:40.0055 0x2d34 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
13:21:40.0061 0x2d34 Browser - ok
13:21:40.0085 0x2d34 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:21:40.0093 0x2d34 Brserid - ok
13:21:40.0109 0x2d34 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:21:40.0111 0x2d34 BrSerWdm - ok
13:21:40.0123 0x2d34 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:21:40.0124 0x2d34 BrUsbMdm - ok
13:21:40.0134 0x2d34 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:21:40.0135 0x2d34 BrUsbSer - ok
13:21:40.0145 0x2d34 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:21:40.0148 0x2d34 BTHMODEM - ok
13:21:40.0168 0x2d34 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:21:40.0171 0x2d34 bthserv - ok
13:21:40.0182 0x2d34 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:21:40.0184 0x2d34 cdfs - ok
13:21:40.0198 0x2d34 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:21:40.0202 0x2d34 cdrom - ok
13:21:40.0213 0x2d34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
13:21:40.0216 0x2d34 CertPropSvc - ok
13:21:40.0224 0x2d34 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
13:21:40.0226 0x2d34 circlass - ok
13:21:40.0269 0x2d34 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
13:21:40.0281 0x2d34 CLFS - ok
13:21:40.0332 0x2d34 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:21:40.0336 0x2d34 clr_optimization_v2.0.50727_32 - ok
13:21:40.0360 0x2d34 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:21:40.0364 0x2d34 clr_optimization_v2.0.50727_64 - ok
13:21:40.0452 0x2d34 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:21:40.0457 0x2d34 clr_optimization_v4.0.30319_32 - ok
13:21:40.0471 0x2d34 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:21:40.0476 0x2d34 clr_optimization_v4.0.30319_64 - ok
13:21:40.0490 0x2d34 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:21:40.0492 0x2d34 CmBatt - ok
13:21:40.0520 0x2d34 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:21:40.0522 0x2d34 cmdide - ok
13:21:40.0580 0x2d34 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
13:21:40.0596 0x2d34 CNG - ok
13:21:40.0638 0x2d34 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:21:40.0640 0x2d34 Compbatt - ok
13:21:40.0654 0x2d34 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:21:40.0656 0x2d34 CompositeBus - ok
13:21:40.0661 0x2d34 COMSysApp - ok
13:21:40.0678 0x2d34 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:21:40.0681 0x2d34 crcdisk - ok
13:21:40.0718 0x2d34 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:21:40.0726 0x2d34 CryptSvc - ok
13:21:40.0766 0x2d34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:21:40.0784 0x2d34 DcomLaunch - ok
13:21:40.0851 0x2d34 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:21:40.0861 0x2d34 defragsvc - ok
13:21:40.0876 0x2d34 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:21:40.0879 0x2d34 DfsC - ok
13:21:40.0927 0x2d34 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:21:40.0939 0x2d34 Dhcp - ok
13:21:41.0036 0x2d34 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
13:21:41.0079 0x2d34 DiagTrack - ok
13:21:41.0167 0x2d34 [ B54792D15F331EE083777E83EFE92573, BE3728CA2901487F093F08109CBBC7D83A5416B9D7FA69C1A3EE0C2B401A228F ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
13:21:41.0174 0x2d34 DirMngr - ok
13:21:41.0183 0x2d34 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:21:41.0185 0x2d34 discache - ok
13:21:41.0193 0x2d34 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
13:21:41.0196 0x2d34 Disk - ok
13:21:41.0221 0x2d34 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:21:41.0225 0x2d34 Dnscache - ok
13:21:41.0239 0x2d34 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
13:21:41.0245 0x2d34 dot3svc - ok
13:21:41.0282 0x2d34 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:21:41.0285 0x2d34 Dot4 - ok
13:21:41.0312 0x2d34 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:21:41.0314 0x2d34 Dot4Print - ok
13:21:41.0330 0x2d34 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:21:41.0333 0x2d34 dot4usb - ok
13:21:41.0351 0x2d34 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
13:21:41.0357 0x2d34 DPS - ok
13:21:41.0402 0x2d34 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:21:41.0404 0x2d34 drmkaud - ok
13:21:41.0465 0x2d34 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:21:41.0487 0x2d34 DXGKrnl - ok
13:21:41.0500 0x2d34 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:21:41.0503 0x2d34 EapHost - ok
13:21:41.0594 0x2d34 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:21:41.0695 0x2d34 ebdrv - ok
13:21:41.0732 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
13:21:41.0733 0x2d34 EFS - ok
13:21:41.0808 0x2d34 [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
13:21:41.0814 0x2d34 EgisTec Ticket Service - ok
13:21:41.0874 0x2d34 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:21:41.0896 0x2d34 ehRecvr - ok
13:21:41.0901 0x2d34 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:21:41.0904 0x2d34 ehSched - ok
13:21:41.0940 0x2d34 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
13:21:41.0941 0x2d34 ElbyCDIO - ok
13:21:41.0977 0x2d34 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:21:41.0990 0x2d34 elxstor - ok
13:21:42.0017 0x2d34 [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc C:\Windows\system32\EscSvc64.exe
13:21:42.0020 0x2d34 EpsonScanSvc - ok
13:21:42.0030 0x2d34 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:21:42.0032 0x2d34 ErrDev - ok
13:21:42.0089 0x2d34 esgiguard - ok
13:21:42.0125 0x2d34 [ CFBA28FAB72E6A39ADD71D958F219648, 38752186452F1FC4C690BFC7BF624CCEFF44C81532CE5FB96FF1A7C577329A6A ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
13:21:42.0128 0x2d34 EtronHub3 - ok
13:21:42.0164 0x2d34 [ 0241CE183139FF15CEA7234058CCF995, 53D967163B5B69EDD621F44EC29594E6F2834D5AC2636D9C2E0616D153D9CE8E ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
13:21:42.0168 0x2d34 EtronXHCI - ok
13:21:42.0206 0x2d34 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:21:42.0220 0x2d34 EventSystem - ok
13:21:42.0253 0x2d34 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:21:42.0258 0x2d34 exfat - ok
13:21:42.0271 0x2d34 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:21:42.0276 0x2d34 fastfat - ok
13:21:42.0303 0x2d34 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
13:21:42.0316 0x2d34 Fax - ok
13:21:42.0330 0x2d34 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
13:21:42.0332 0x2d34 fdc - ok
13:21:42.0342 0x2d34 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:21:42.0344 0x2d34 fdPHost - ok
13:21:42.0357 0x2d34 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:21:42.0358 0x2d34 FDResPub - ok
13:21:42.0383 0x2d34 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:21:42.0387 0x2d34 FileInfo - ok
13:21:42.0404 0x2d34 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:21:42.0410 0x2d34 Filetrace - ok
13:21:42.0430 0x2d34 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:21:42.0432 0x2d34 flpydisk - ok
13:21:42.0450 0x2d34 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:21:42.0457 0x2d34 FltMgr - ok
13:21:42.0508 0x2d34 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
13:21:42.0542 0x2d34 FontCache - ok
13:21:42.0585 0x2d34 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:21:42.0587 0x2d34 FontCache3.0.0.0 - ok
13:21:42.0596 0x2d34 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:21:42.0599 0x2d34 FsDepends - ok
13:21:42.0632 0x2d34 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:21:42.0634 0x2d34 Fs_Rec - ok
13:21:42.0675 0x2d34 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:21:42.0683 0x2d34 fvevol - ok
13:21:42.0702 0x2d34 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:21:42.0706 0x2d34 gagp30kx - ok
13:21:42.0749 0x2d34 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
13:21:42.0771 0x2d34 gpsvc - ok
13:21:42.0828 0x2d34 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
13:21:42.0829 0x2d34 GREGService - ok
13:21:42.0899 0x2d34 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:21:42.0902 0x2d34 gupdate - ok
13:21:42.0917 0x2d34 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:21:42.0920 0x2d34 gupdatem - ok
13:21:42.0937 0x2d34 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
13:21:42.0938 0x2d34 hamachi - ok
13:21:43.0080 0x2d34 [ 3FF6FCC221F5128BE77B13BF523F2614, CAB9E7CDEA2EF36E986F2B690C1F19084B30E7F2C28E22A87BA9DBECDAD31F96 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:21:43.0121 0x2d34 Hamachi2Svc - ok
13:21:43.0192 0x2d34 [ 1DBBF9BE473F6CA2F2F4182FCCF563DC, FDE8E845332C56DD72D9E2592777F6371A06D5C7030C1AD911DAC94F092227CA ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
13:21:43.0209 0x2d34 HauppaugeTVServer - ok
13:21:43.0221 0x2d34 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:21:43.0223 0x2d34 hcw85cir - ok
13:21:43.0272 0x2d34 [ 2249B35899312A3AE137B23636B31763, 84E242456CFECB9F198836B818514C011F80F2879C29A1C5A277C1F9B96D3C5A ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
13:21:43.0285 0x2d34 hcw95bda - ok
13:21:43.0296 0x2d34 [ 3688D4B84E9F98F70A71D5B4B720940E, 67F6571C9613CED4CD3A9A7123122273C6274E012EB6AD5BE16BBDE458981AAB ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
13:21:43.0297 0x2d34 hcw95rc - ok
13:21:43.0318 0x2d34 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:21:43.0326 0x2d34 HdAudAddService - ok
13:21:43.0348 0x2d34 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:21:43.0351 0x2d34 HDAudBus - ok
13:21:43.0361 0x2d34 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:21:43.0363 0x2d34 HidBatt - ok
13:21:43.0375 0x2d34 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:21:43.0377 0x2d34 HidBth - ok
13:21:43.0403 0x2d34 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
13:21:43.0406 0x2d34 HidIr - ok
13:21:43.0423 0x2d34 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:21:43.0426 0x2d34 hidserv - ok
13:21:43.0465 0x2d34 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
13:21:43.0468 0x2d34 HidUsb - ok
13:21:43.0502 0x2d34 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:21:43.0506 0x2d34 hkmsvc - ok
13:21:43.0527 0x2d34 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:21:43.0536 0x2d34 HomeGroupListener - ok
13:21:43.0555 0x2d34 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:21:43.0563 0x2d34 HomeGroupProvider - ok
13:21:43.0579 0x2d34 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:21:43.0583 0x2d34 HpSAMD - ok
13:21:43.0638 0x2d34 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:21:43.0661 0x2d34 HTTP - ok
13:21:43.0670 0x2d34 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:21:43.0671 0x2d34 hwpolicy - ok
13:21:43.0688 0x2d34 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:21:43.0691 0x2d34 i8042prt - ok
13:21:43.0729 0x2d34 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:21:43.0743 0x2d34 iaStor - ok
13:21:43.0800 0x2d34 [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:21:43.0801 0x2d34 IAStorDataMgrSvc - ok
13:21:43.0827 0x2d34 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:21:43.0841 0x2d34 iaStorV - ok
13:21:43.0893 0x2d34 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:21:43.0896 0x2d34 IDriverT - ok
13:21:43.0957 0x2d34 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:21:43.0976 0x2d34 idsvc - ok
13:21:44.0004 0x2d34 IEEtwCollectorService - ok
13:21:44.0021 0x2d34 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:21:44.0023 0x2d34 iirsp - ok
13:21:44.0088 0x2d34 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
13:21:44.0104 0x2d34 IKEEXT - ok
13:21:44.0229 0x2d34 [ A0C2C3D4C03C4FB896CFC53873784178, 7C2178B72D7B7B8FD9045A40656A4492ACF4527AAA0B7D9CB7881487AAD67D95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:21:44.0325 0x2d34 IntcAzAudAddService - ok
13:21:44.0356 0x2d34 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
13:21:44.0358 0x2d34 intelide - ok
13:21:44.0391 0x2d34 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:21:44.0425 0x2d34 intelppm - ok
13:21:44.0446 0x2d34 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:21:44.0450 0x2d34 IPBusEnum - ok
13:21:44.0475 0x2d34 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:21:44.0478 0x2d34 IpFilterDriver - ok
13:21:44.0540 0x2d34 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:21:44.0557 0x2d34 iphlpsvc - ok
13:21:44.0574 0x2d34 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:21:44.0577 0x2d34 IPMIDRV - ok
13:21:44.0590 0x2d34 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:21:44.0593 0x2d34 IPNAT - ok
13:21:44.0605 0x2d34 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:21:44.0606 0x2d34 IRENUM - ok
13:21:44.0621 0x2d34 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:21:44.0623 0x2d34 isapnp - ok
13:21:44.0650 0x2d34 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:21:44.0656 0x2d34 iScsiPrt - ok
13:21:44.0670 0x2d34 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:21:44.0673 0x2d34 kbdclass - ok
13:21:44.0699 0x2d34 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:21:44.0702 0x2d34 kbdhid - ok
13:21:44.0721 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
13:21:44.0723 0x2d34 KeyIso - ok
13:21:44.0751 0x2d34 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:21:44.0756 0x2d34 KSecDD - ok
13:21:44.0777 0x2d34 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:21:44.0783 0x2d34 KSecPkg - ok
13:21:44.0799 0x2d34 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:21:44.0801 0x2d34 ksthunk - ok
13:21:44.0841 0x2d34 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:21:44.0854 0x2d34 KtmRm - ok
13:21:44.0898 0x2d34 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:21:44.0908 0x2d34 LanmanServer - ok
13:21:44.0928 0x2d34 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:21:44.0935 0x2d34 LanmanWorkstation - ok
13:21:44.0993 0x2d34 [ 6BCEE9C766815BFFF89DE7D81AF34CE1, E10B9EFAF5D1E6596CFC7E3C9D5C3904EC8E82B16133B59BBC636F5E4D0AEB7F ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
13:21:45.0001 0x2d34 Live Updater Service - ok
13:21:45.0028 0x2d34 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:21:45.0032 0x2d34 lltdio - ok
13:21:45.0058 0x2d34 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:21:45.0070 0x2d34 lltdsvc - ok
13:21:45.0074 0x2d34 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:21:45.0077 0x2d34 lmhosts - ok
13:21:45.0143 0x2d34 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
13:21:45.0156 0x2d34 LMIGuardianSvc - ok
13:21:45.0200 0x2d34 [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
13:21:45.0201 0x2d34 LMIInfo - ok
13:21:45.0249 0x2d34 [ 662EA0F617B4307122BD6B5BE51C52B0, 3B223899BD518C151A9178437182CCE9D368931F7A17587B3F37A21D677BB34F ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:21:45.0256 0x2d34 LMIMaint - ok
13:21:45.0294 0x2d34 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
13:21:45.0295 0x2d34 lmimirr - ok
13:21:45.0309 0x2d34 LMIRfsClientNP - ok
13:21:45.0329 0x2d34 [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
13:21:45.0332 0x2d34 LMIRfsDriver - ok
13:21:45.0377 0x2d34 [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:21:45.0387 0x2d34 LMS - ok
13:21:45.0407 0x2d34 [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:21:45.0414 0x2d34 LogMeIn - ok
13:21:45.0440 0x2d34 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:21:45.0443 0x2d34 LSI_FC - ok
13:21:45.0470 0x2d34 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:21:45.0474 0x2d34 LSI_SAS - ok
13:21:45.0487 0x2d34 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:21:45.0490 0x2d34 LSI_SAS2 - ok
13:21:45.0511 0x2d34 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:21:45.0516 0x2d34 LSI_SCSI - ok
13:21:45.0532 0x2d34 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:21:45.0537 0x2d34 luafv - ok
13:21:45.0573 0x2d34 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64 C:\Windows\system32\DRIVERS\LVUSBS64.sys
13:21:45.0576 0x2d34 LVUSBS64 - ok
13:21:45.0647 0x2d34 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
13:21:45.0656 0x2d34 McComponentHostService - ok
13:21:45.0676 0x2d34 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:21:45.0680 0x2d34 Mcx2Svc - ok
13:21:45.0693 0x2d34 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
13:21:45.0695 0x2d34 megasas - ok
13:21:45.0716 0x2d34 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:21:45.0725 0x2d34 MegaSR - ok
13:21:45.0742 0x2d34 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:21:45.0744 0x2d34 MEIx64 - ok
13:21:45.0851 0x2d34 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:21:45.0855 0x2d34 Microsoft Office Groove Audit Service - ok
13:21:45.0872 0x2d34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:21:45.0876 0x2d34 MMCSS - ok
13:21:45.0888 0x2d34 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:21:45.0891 0x2d34 Modem - ok
13:21:45.0902 0x2d34 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:21:45.0905 0x2d34 monitor - ok
13:21:45.0937 0x2d34 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:21:45.0940 0x2d34 mouclass - ok
13:21:45.0950 0x2d34 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:21:45.0953 0x2d34 mouhid - ok
13:21:45.0994 0x2d34 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:21:45.0998 0x2d34 mountmgr - ok
13:21:46.0037 0x2d34 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:21:46.0042 0x2d34 MozillaMaintenance - ok
13:21:46.0063 0x2d34 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:21:46.0069 0x2d34 mpio - ok
13:21:46.0087 0x2d34 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:21:46.0091 0x2d34 mpsdrv - ok
13:21:46.0127 0x2d34 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:21:46.0143 0x2d34 MpsSvc - ok
13:21:46.0178 0x2d34 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:21:46.0182 0x2d34 MRxDAV - ok
13:21:46.0220 0x2d34 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:21:46.0227 0x2d34 mrxsmb - ok
13:21:46.0250 0x2d34 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:21:46.0259 0x2d34 mrxsmb10 - ok
13:21:46.0277 0x2d34 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:21:46.0281 0x2d34 mrxsmb20 - ok
13:21:46.0322 0x2d34 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
13:21:46.0324 0x2d34 msahci - ok
13:21:46.0341 0x2d34 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:21:46.0347 0x2d34 msdsm - ok
13:21:46.0362 0x2d34 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:21:46.0367 0x2d34 MSDTC - ok
13:21:46.0389 0x2d34 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:21:46.0390 0x2d34 Msfs - ok
13:21:46.0415 0x2d34 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:21:46.0417 0x2d34 mshidkmdf - ok
13:21:46.0424 0x2d34 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:21:46.0425 0x2d34 msisadrv - ok
13:21:46.0447 0x2d34 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:21:46.0451 0x2d34 MSiSCSI - ok
13:21:46.0454 0x2d34 msiserver - ok
13:21:46.0469 0x2d34 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:21:46.0470 0x2d34 MSKSSRV - ok
13:21:46.0477 0x2d34 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:21:46.0478 0x2d34 MSPCLOCK - ok
13:21:46.0482 0x2d34 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:21:46.0483 0x2d34 MSPQM - ok
13:21:46.0505 0x2d34 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:21:46.0513 0x2d34 MsRPC - ok
13:21:46.0522 0x2d34 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:21:46.0523 0x2d34 mssmbios - ok
13:21:46.0526 0x2d34 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:21:46.0527 0x2d34 MSTEE - ok
13:21:46.0538 0x2d34 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:21:46.0539 0x2d34 MTConfig - ok
13:21:46.0550 0x2d34 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:21:46.0552 0x2d34 Mup - ok
13:21:46.0561 0x2d34 [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
13:21:46.0562 0x2d34 mwlPSDFilter - ok
13:21:46.0569 0x2d34 [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
13:21:46.0570 0x2d34 mwlPSDNServ - ok
13:21:46.0578 0x2d34 [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
13:21:46.0580 0x2d34 mwlPSDVDisk - ok
13:21:46.0603 0x2d34 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
13:21:46.0613 0x2d34 napagent - ok
13:21:46.0651 0x2d34 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:21:46.0658 0x2d34 NativeWifiP - ok
13:21:46.0711 0x2d34 [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
13:21:46.0726 0x2d34 NAUpdate - ok
13:21:46.0790 0x2d34 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
13:21:46.0808 0x2d34 NDIS - ok
13:21:46.0828 0x2d34 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:21:46.0829 0x2d34 NdisCap - ok
13:21:46.0857 0x2d34 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:21:46.0860 0x2d34 NdisTapi - ok
13:21:46.0867 0x2d34 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:21:46.0871 0x2d34 Ndisuio - ok
13:21:46.0882 0x2d34 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:21:46.0888 0x2d34 NdisWan - ok
13:21:46.0918 0x2d34 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:21:46.0921 0x2d34 NDProxy - ok
13:21:46.0974 0x2d34 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:21:46.0978 0x2d34 Net Driver HPZ12 - ok
13:21:46.0984 0x2d34 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:21:46.0987 0x2d34 NetBIOS - ok
13:21:47.0010 0x2d34 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:21:47.0019 0x2d34 NetBT - ok
13:21:47.0035 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
13:21:47.0037 0x2d34 Netlogon - ok
13:21:47.0066 0x2d34 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:21:47.0079 0x2d34 Netman - ok
13:21:47.0129 0x2d34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:21:47.0135 0x2d34 NetMsmqActivator - ok
13:21:47.0142 0x2d34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:21:47.0147 0x2d34 NetPipeActivator - ok
13:21:47.0159 0x2d34 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:21:47.0170 0x2d34 netprofm - ok
13:21:47.0246 0x2d34 [ B72BB9496A126FCFC7FC5945DED9B411, FA5CC4E93761FB2B59B9B34C699B1486560BDB39280AB1125DE42DB7C4BE303A ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
13:21:47.0264 0x2d34 netr28x - ok
13:21:47.0270 0x2d34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:21:47.0273 0x2d34 NetTcpActivator - ok
13:21:47.0277 0x2d34 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:21:47.0279 0x2d34 NetTcpPortSharing - ok
13:21:47.0297 0x2d34 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:21:47.0304 0x2d34 nfrd960 - ok
13:21:47.0355 0x2d34 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
13:21:47.0366 0x2d34 NlaSvc - ok
13:21:47.0507 0x2d34 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
13:21:47.0552 0x2d34 NOBU - ok
13:21:47.0584 0x2d34 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\Windows\system32\drivers\npf.sys
13:21:47.0586 0x2d34 npf - ok
13:21:47.0593 0x2d34 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:21:47.0595 0x2d34 Npfs - ok
13:21:47.0599 0x2d34 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:21:47.0602 0x2d34 nsi - ok
13:21:47.0607 0x2d34 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:21:47.0609 0x2d34 nsiproxy - ok
13:21:47.0698 0x2d34 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:21:47.0744 0x2d34 Ntfs - ok
13:21:47.0758 0x2d34 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:21:47.0760 0x2d34 Null - ok
13:21:47.0805 0x2d34 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:21:47.0810 0x2d34 nvraid - ok
13:21:47.0831 0x2d34 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:21:47.0837 0x2d34 nvstor - ok
13:21:47.0853 0x2d34 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:21:47.0859 0x2d34 nv_agp - ok
13:21:47.0935 0x2d34 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:21:47.0949 0x2d34 odserv - ok
13:21:47.0964 0x2d34 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:21:47.0967 0x2d34 ohci1394 - ok
13:21:48.0082 0x2d34 [ B8DEA8FF85826EBC859653075785F7CA, CC74FF7BBD0B3DC2345AAECB147D8FA942A32B72CF78716A6F5FDA8C2E1DA194 ] Online Shield Starter Service C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
13:21:48.0092 0x2d34 Online Shield Starter Service - ok
13:21:48.0135 0x2d34 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:21:48.0140 0x2d34 ose - ok
13:21:48.0338 0x2d34 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:21:48.0471 0x2d34 osppsvc - ok
13:21:48.0516 0x2d34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:21:48.0523 0x2d34 p2pimsvc - ok
13:21:48.0538 0x2d34 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:21:48.0547 0x2d34 p2psvc - ok
13:21:48.0571 0x2d34 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
13:21:48.0574 0x2d34 Parport - ok
13:21:48.0603 0x2d34 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:21:48.0606 0x2d34 partmgr - ok
13:21:48.0641 0x2d34 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:21:48.0646 0x2d34 PcaSvc - ok
13:21:48.0661 0x2d34 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
13:21:48.0665 0x2d34 pci - ok
13:21:48.0672 0x2d34 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
13:21:48.0674 0x2d34 pciide - ok
13:21:48.0696 0x2d34 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:21:48.0701 0x2d34 pcmcia - ok
13:21:48.0717 0x2d34 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:21:48.0719 0x2d34 pcw - ok
13:21:48.0739 0x2d34 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:21:48.0751 0x2d34 PEAUTH - ok
13:21:48.0809 0x2d34 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:21:48.0811 0x2d34 PerfHost - ok
13:21:48.0912 0x2d34 [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
13:21:48.0998 0x2d34 PID_PEPI - ok
13:21:49.0048 0x2d34 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
13:21:49.0090 0x2d34 pla - ok
13:21:49.0135 0x2d34 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:21:49.0151 0x2d34 PlugPlay - ok
13:21:49.0201 0x2d34 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:21:49.0205 0x2d34 Pml Driver HPZ12 - ok
13:21:49.0219 0x2d34 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:21:49.0222 0x2d34 PNRPAutoReg - ok
13:21:49.0244 0x2d34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:21:49.0255 0x2d34 PNRPsvc - ok
13:21:49.0285 0x2d34 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:21:49.0309 0x2d34 PolicyAgent - ok
13:21:49.0322 0x2d34 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:21:49.0327 0x2d34 Power - ok
13:21:49.0354 0x2d34 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:21:49.0358 0x2d34 PptpMiniport - ok
13:21:49.0373 0x2d34 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
13:21:49.0376 0x2d34 Processor - ok
13:21:49.0412 0x2d34 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
13:21:49.0420 0x2d34 ProfSvc - ok
13:21:49.0433 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
13:21:49.0435 0x2d34 ProtectedStorage - ok
13:21:49.0468 0x2d34 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:21:49.0473 0x2d34 Psched - ok
13:21:49.0549 0x2d34 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:21:49.0593 0x2d34 ql2300 - ok
13:21:49.0615 0x2d34 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:21:49.0618 0x2d34 ql40xx - ok
13:21:49.0638 0x2d34 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:21:49.0644 0x2d34 QWAVE - ok
13:21:49.0655 0x2d34 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:21:49.0658 0x2d34 QWAVEdrv - ok
13:21:49.0667 0x2d34 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:21:49.0669 0x2d34 RasAcd - ok
13:21:49.0694 0x2d34 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:21:49.0696 0x2d34 RasAgileVpn - ok
13:21:49.0706 0x2d34 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:21:49.0711 0x2d34 RasAuto - ok
13:21:49.0726 0x2d34 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:21:49.0731 0x2d34 Rasl2tp - ok
13:21:49.0773 0x2d34 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
13:21:49.0787 0x2d34 RasMan - ok
13:21:49.0798 0x2d34 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:21:49.0801 0x2d34 RasPppoe - ok
13:21:49.0810 0x2d34 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:21:49.0812 0x2d34 RasSstp - ok
13:21:49.0826 0x2d34 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:21:49.0833 0x2d34 rdbss - ok
13:21:49.0846 0x2d34 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
13:21:49.0848 0x2d34 rdpbus - ok
13:21:49.0866 0x2d34 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:21:49.0867 0x2d34 RDPCDD - ok
13:21:49.0878 0x2d34 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:21:49.0879 0x2d34 RDPENCDD - ok
13:21:49.0900 0x2d34 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:21:49.0901 0x2d34 RDPREFMP - ok
13:21:49.0936 0x2d34 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:21:49.0943 0x2d34 RDPWD - ok
13:21:49.0967 0x2d34 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:21:49.0973 0x2d34 rdyboost - ok
13:21:49.0998 0x2d34 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:21:50.0002 0x2d34 RemoteAccess - ok
13:21:50.0010 0x2d34 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:21:50.0015 0x2d34 RemoteRegistry - ok
13:21:50.0024 0x2d34 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:21:50.0028 0x2d34 RpcEptMapper - ok
13:21:50.0033 0x2d34 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:21:50.0034 0x2d34 RpcLocator - ok
13:21:50.0058 0x2d34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
13:21:50.0067 0x2d34 RpcSs - ok
13:21:50.0077 0x2d34 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:21:50.0080 0x2d34 rspndr - ok
13:21:50.0177 0x2d34 [ 712944C0A377E9B8743F95BD83E882D4, B437396B8D80EC8F121C93F18DE6F83D2DF7FC87D15D3DF8639D47EC28E0D1D4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:21:50.0209 0x2d34 RTL8167 - ok
13:21:50.0224 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
13:21:50.0226 0x2d34 SamSs - ok
13:21:50.0248 0x2d34 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:21:50.0253 0x2d34 sbp2port - ok
13:21:50.0272 0x2d34 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:21:50.0280 0x2d34 SCardSvr - ok
13:21:50.0286 0x2d34 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:21:50.0288 0x2d34 scfilter - ok
13:21:50.0328 0x2d34 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
13:21:50.0362 0x2d34 Schedule - ok
13:21:50.0378 0x2d34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:21:50.0380 0x2d34 SCPolicySvc - ok
13:21:50.0389 0x2d34 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:21:50.0393 0x2d34 SDRSVC - ok
13:21:50.0401 0x2d34 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:21:50.0403 0x2d34 secdrv - ok
13:21:50.0410 0x2d34 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
13:21:50.0412 0x2d34 seclogon - ok
13:21:50.0439 0x2d34 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:21:50.0442 0x2d34 SENS - ok
13:21:50.0455 0x2d34 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:21:50.0459 0x2d34 SensrSvc - ok
13:21:50.0474 0x2d34 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:21:50.0476 0x2d34 Serenum - ok
13:21:50.0493 0x2d34 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
13:21:50.0498 0x2d34 Serial - ok
13:21:50.0536 0x2d34 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:21:50.0539 0x2d34 sermouse - ok
13:21:50.0559 0x2d34 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
13:21:50.0566 0x2d34 SessionEnv - ok
13:21:50.0578 0x2d34 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:21:50.0580 0x2d34 sffdisk - ok
13:21:50.0588 0x2d34 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:21:50.0590 0x2d34 sffp_mmc - ok
13:21:50.0604 0x2d34 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:21:50.0606 0x2d34 sffp_sd - ok
13:21:50.0617 0x2d34 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:21:50.0619 0x2d34 sfloppy - ok
13:21:50.0660 0x2d34 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:21:50.0670 0x2d34 SharedAccess - ok
13:21:50.0686 0x2d34 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:21:50.0695 0x2d34 ShellHWDetection - ok
13:21:50.0704 0x2d34 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:21:50.0705 0x2d34 SiSRaid2 - ok
13:21:50.0715 0x2d34 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:21:50.0718 0x2d34 SiSRaid4 - ok
13:21:50.0740 0x2d34 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:21:50.0743 0x2d34 Smb - ok
13:21:50.0774 0x2d34 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:21:50.0776 0x2d34 SNMPTRAP - ok
13:21:50.0788 0x2d34 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:21:50.0789 0x2d34 spldr - ok
13:21:50.0830 0x2d34 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
13:21:50.0841 0x2d34 Spooler - ok
13:21:50.0968 0x2d34 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
13:21:51.0087 0x2d34 sppsvc - ok
13:21:51.0104 0x2d34 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:21:51.0107 0x2d34 sppuinotify - ok
13:21:51.0129 0x2d34 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:21:51.0138 0x2d34 srv - ok
13:21:51.0154 0x2d34 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:21:51.0163 0x2d34 srv2 - ok
13:21:51.0169 0x2d34 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:21:51.0172 0x2d34 srvnet - ok
13:21:51.0209 0x2d34 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:21:51.0214 0x2d34 SSDPSRV - ok
13:21:51.0220 0x2d34 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:21:51.0223 0x2d34 SstpSvc - ok
13:21:51.0233 0x2d34 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:21:51.0234 0x2d34 stexstor - ok
13:21:51.0256 0x2d34 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
13:21:51.0268 0x2d34 stisvc - ok
13:21:51.0275 0x2d34 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
13:21:51.0276 0x2d34 swenum - ok
13:21:51.0293 0x2d34 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:21:51.0304 0x2d34 swprv - ok
13:21:51.0354 0x2d34 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
13:21:51.0404 0x2d34 SysMain - ok
13:21:51.0420 0x2d34 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:21:51.0423 0x2d34 TabletInputService - ok
13:21:51.0445 0x2d34 [ 84CA1EEF6A8A5AE5D5603BBC8ED83FCD, 1C30E026C5ACA703C1EB8164C29CC69FA4D3F3B563C22981F76E872E4CB7CECF ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
13:21:51.0447 0x2d34 tap0901 - ok
13:21:51.0475 0x2d34 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
13:21:51.0487 0x2d34 TapiSrv - ok
13:21:51.0500 0x2d34 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:21:51.0503 0x2d34 TBS - ok
13:21:51.0602 0x2d34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:21:51.0649 0x2d34 Tcpip - ok
13:21:51.0724 0x2d34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:21:51.0756 0x2d34 TCPIP6 - ok
13:21:51.0789 0x2d34 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:21:51.0791 0x2d34 tcpipreg - ok
13:21:51.0799 0x2d34 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:21:51.0801 0x2d34 TDPIPE - ok
13:21:51.0830 0x2d34 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:21:51.0832 0x2d34 TDTCP - ok
13:21:51.0862 0x2d34 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:21:51.0868 0x2d34 tdx - ok
13:21:51.0883 0x2d34 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
13:21:51.0886 0x2d34 TermDD - ok
13:21:51.0937 0x2d34 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
13:21:51.0954 0x2d34 TermService - ok
13:21:51.0973 0x2d34 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:21:51.0976 0x2d34 Themes - ok
13:21:51.0990 0x2d34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:21:51.0992 0x2d34 THREADORDER - ok
13:21:52.0003 0x2d34 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:21:52.0007 0x2d34 TrkWks - ok
13:21:52.0050 0x2d34 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:21:52.0057 0x2d34 TrustedInstaller - ok
13:21:52.0089 0x2d34 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:21:52.0091 0x2d34 tssecsrv - ok
13:21:52.0126 0x2d34 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:21:52.0129 0x2d34 TsUsbFlt - ok
13:21:52.0140 0x2d34 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:21:52.0142 0x2d34 TsUsbGD - ok
13:21:52.0183 0x2d34 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:21:52.0188 0x2d34 tunnel - ok
13:21:52.0206 0x2d34 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:21:52.0210 0x2d34 uagp35 - ok
13:21:52.0240 0x2d34 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:21:52.0251 0x2d34 udfs - ok
13:21:52.0291 0x2d34 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:21:52.0295 0x2d34 UI0Detect - ok
13:21:52.0311 0x2d34 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:21:52.0314 0x2d34 uliagpkx - ok
13:21:52.0340 0x2d34 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:21:52.0343 0x2d34 umbus - ok
13:21:52.0355 0x2d34 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
13:21:52.0356 0x2d34 UmPass - ok
13:21:52.0457 0x2d34 [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:21:52.0499 0x2d34 UNS - ok
13:21:52.0520 0x2d34 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:21:52.0528 0x2d34 upnphost - ok
13:21:52.0579 0x2d34 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:21:52.0584 0x2d34 usbaudio - ok
13:21:52.0617 0x2d34 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:21:52.0622 0x2d34 usbccgp - ok
13:21:52.0644 0x2d34 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:21:52.0649 0x2d34 usbcir - ok
13:21:52.0673 0x2d34 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:21:52.0676 0x2d34 usbehci - ok
13:21:52.0699 0x2d34 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:21:52.0711 0x2d34 usbhub - ok
13:21:52.0736 0x2d34 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:21:52.0739 0x2d34 usbohci - ok
13:21:52.0773 0x2d34 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:21:52.0775 0x2d34 usbprint - ok
13:21:52.0815 0x2d34 [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
13:21:52.0817 0x2d34 USBS3S4Detection - ok
13:21:52.0853 0x2d34 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:21:52.0856 0x2d34 usbscan - ok
13:21:52.0875 0x2d34 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:21:52.0880 0x2d34 USBSTOR - ok
13:21:52.0925 0x2d34 [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\Windows\system32\DRIVERS\tinspusb.sys
13:21:52.0931 0x2d34 USBTINSP - ok
13:21:52.0936 0x2d34 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:21:52.0938 0x2d34 usbuhci - ok
13:21:52.0947 0x2d34 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:21:52.0951 0x2d34 UxSms - ok
13:21:52.0962 0x2d34 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
13:21:52.0964 0x2d34 VaultSvc - ok
13:21:52.0980 0x2d34 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:21:52.0983 0x2d34 vdrvroot - ok
13:21:53.0008 0x2d34 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
13:21:53.0026 0x2d34 vds - ok
13:21:53.0040 0x2d34 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:21:53.0042 0x2d34 vga - ok
13:21:53.0052 0x2d34 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:21:53.0053 0x2d34 VgaSave - ok
13:21:53.0069 0x2d34 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:21:53.0074 0x2d34 vhdmp - ok
13:21:53.0103 0x2d34 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
13:21:53.0104 0x2d34 viaide - ok
13:21:53.0113 0x2d34 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:21:53.0116 0x2d34 volmgr - ok
13:21:53.0129 0x2d34 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:21:53.0137 0x2d34 volmgrx - ok
13:21:53.0151 0x2d34 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:21:53.0158 0x2d34 volsnap - ok
13:21:53.0187 0x2d34 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:21:53.0191 0x2d34 vsmraid - ok
13:21:53.0240 0x2d34 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
13:21:53.0282 0x2d34 VSS - ok
13:21:53.0292 0x2d34 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:21:53.0294 0x2d34 vwifibus - ok
13:21:53.0309 0x2d34 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:21:53.0312 0x2d34 vwififlt - ok
13:21:53.0356 0x2d34 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:21:53.0367 0x2d34 W32Time - ok
13:21:53.0389 0x2d34 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:21:53.0394 0x2d34 WacomPen - ok
13:21:53.0415 0x2d34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:21:53.0419 0x2d34 WANARP - ok
13:21:53.0423 0x2d34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:21:53.0425 0x2d34 Wanarpv6 - ok
13:21:53.0513 0x2d34 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:21:53.0553 0x2d34 WatAdminSvc - ok
13:21:53.0630 0x2d34 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
13:21:53.0683 0x2d34 wbengine - ok
13:21:53.0712 0x2d34 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:21:53.0717 0x2d34 WbioSrvc - ok
13:21:53.0732 0x2d34 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:21:53.0740 0x2d34 wcncsvc - ok
13:21:53.0750 0x2d34 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:21:53.0752 0x2d34 WcsPlugInService - ok
13:21:53.0769 0x2d34 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
13:21:53.0770 0x2d34 Wd - ok
13:21:53.0817 0x2d34 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:21:53.0833 0x2d34 Wdf01000 - ok
13:21:53.0861 0x2d34 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:21:53.0864 0x2d34 WdiServiceHost - ok
13:21:53.0867 0x2d34 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:21:53.0870 0x2d34 WdiSystemHost - ok
13:21:53.0904 0x2d34 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
13:21:53.0915 0x2d34 WebClient - ok
13:21:53.0929 0x2d34 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:21:53.0935 0x2d34 Wecsvc - ok
13:21:53.0945 0x2d34 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:21:53.0948 0x2d34 wercplsupport - ok
13:21:53.0978 0x2d34 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:21:53.0981 0x2d34 WerSvc - ok
13:21:53.0993 0x2d34 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:21:53.0995 0x2d34 WfpLwf - ok
13:21:54.0008 0x2d34 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:21:54.0009 0x2d34 WIMMount - ok
13:21:54.0043 0x2d34 WinDefend - ok
13:21:54.0061 0x2d34 WinHttpAutoProxySvc - ok
13:21:54.0110 0x2d34 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:21:54.0119 0x2d34 Winmgmt - ok
13:21:54.0210 0x2d34 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
13:21:54.0278 0x2d34 WinRM - ok
13:21:54.0334 0x2d34 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
13:21:54.0337 0x2d34 WinUsb - ok
13:21:54.0390 0x2d34 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:21:54.0417 0x2d34 Wlansvc - ok
13:21:54.0480 0x2d34 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:21:54.0483 0x2d34 wlcrasvc - ok
13:21:54.0570 0x2d34 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:21:54.0606 0x2d34 wlidsvc - ok
13:21:54.0635 0x2d34 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:21:54.0637 0x2d34 WmiAcpi - ok
13:21:54.0672 0x2d34 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:21:54.0679 0x2d34 wmiApSrv - ok
13:21:54.0689 0x2d34 WMPNetworkSvc - ok
13:21:54.0699 0x2d34 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:21:54.0702 0x2d34 WPCSvc - ok
13:21:54.0711 0x2d34 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:21:54.0718 0x2d34 WPDBusEnum - ok
13:21:54.0732 0x2d34 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:21:54.0734 0x2d34 ws2ifsl - ok
13:21:54.0748 0x2d34 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:21:54.0754 0x2d34 wscsvc - ok
13:21:54.0758 0x2d34 WSearch - ok
13:21:54.0883 0x2d34 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
13:21:54.0963 0x2d34 wuauserv - ok
13:21:54.0988 0x2d34 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:21:54.0990 0x2d34 WudfPf - ok
13:21:55.0001 0x2d34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
13:21:55.0005 0x2d34 WUDFRd - ok
13:21:55.0019 0x2d34 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:21:55.0023 0x2d34 wudfsvc - ok
13:21:55.0041 0x2d34 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:21:55.0047 0x2d34 WwanSvc - ok
13:21:55.0074 0x2d34 ================ Scan global ===============================
13:21:55.0101 0x2d34 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:21:55.0140 0x2d34 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:21:55.0157 0x2d34 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:21:55.0180 0x2d34 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:21:55.0212 0x2d34 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:21:55.0220 0x2d34 [ Global ] - ok
13:21:55.0220 0x2d34 ================ Scan MBR ==================================
13:21:55.0231 0x2d34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:21:55.0413 0x2d34 \Device\Harddisk0\DR0 - ok
13:21:55.0418 0x2d34 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:21:55.0426 0x2d34 \Device\Harddisk1\DR1 - ok
13:21:55.0431 0x2d34 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
13:21:55.0436 0x2d34 \Device\Harddisk4\DR4 - ok
13:21:55.0439 0x2d34 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk7\DR7
13:21:55.0446 0x2d34 \Device\Harddisk7\DR7 - ok
13:21:55.0446 0x2d34 ================ Scan VBR ==================================
13:21:55.0449 0x2d34 [ 8F255FF26CCEFBC529FDFD00B80D2401 ] \Device\Harddisk0\DR0\Partition1
13:21:55.0512 0x2d34 \Device\Harddisk0\DR0\Partition1 - ok
13:21:55.0514 0x2d34 [ AF2D5438DC9966A3EEF7E6BBDBC94E2D ] \Device\Harddisk0\DR0\Partition2
13:21:55.0537 0x2d34 \Device\Harddisk0\DR0\Partition2 - ok
13:21:55.0539 0x2d34 [ 2327F640F60907901031411703C3A9B4 ] \Device\Harddisk0\DR0\Partition3
13:21:55.0541 0x2d34 \Device\Harddisk0\DR0\Partition3 - ok
13:21:55.0543 0x2d34 [ 24E54560AFC4B721F691B6D4CAE2E7A4 ] \Device\Harddisk1\DR1\Partition1
13:21:55.0590 0x2d34 \Device\Harddisk1\DR1\Partition1 - ok
13:21:55.0593 0x2d34 [ A275469F0BE34D91345E6CC30E185315 ] \Device\Harddisk4\DR4\Partition1
13:21:55.0594 0x2d34 \Device\Harddisk4\DR4\Partition1 - ok
13:21:55.0597 0x2d34 [ EDF4F2BEF374B26504AD9127A9B5B88F ] \Device\Harddisk7\DR7\Partition1
13:21:55.0650 0x2d34 \Device\Harddisk7\DR7\Partition1 - ok
13:21:55.0650 0x2d34 ================ Scan generic autorun ======================
13:21:56.0005 0x2d34 [ FF01BF4D9C1D6AB832E0A788E75CC330, 64B2D68947000B3970AA97AC548791220BF5BF12B4D7F39C6BB3E373BB42BD3E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:21:56.0188 0x2d34 RtHDVCpl - ok
13:21:56.0238 0x2d34 [ 223A96BAC91792E1A954BFEB49FBE02C, 56582B1E48EB9AAE8C3AA0BCFB3B8DCBBA6AE26138BBE801DA2404A527DF5636 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
13:21:56.0240 0x2d34 LogMeIn GUI - ok
13:21:56.0283 0x2d34 [ 75AD45ED633B866D90AEAA296C21F7E8, 6211E788258298EAE520A0A0510E66BCA0E280F4958B454919C270D0F53931D9 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
13:21:56.0293 0x2d34 SuiteTray - ok
13:21:56.0324 0x2d34 [ E7EA57B35951D093A9647D8D5CE3340D, 7F88A5F07CF05E43BFA40A72C74DDDAB480C493E302A2532C2FA2A28D2F3D2D5 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
13:21:56.0330 0x2d34 EgisTecPMMUpdate - ok
13:21:56.0343 0x2d34 [ DC1AA3868108B8FF57F6C8045FCD4603, 6D32849D6296ABD24B56628161075299A2E0A5FF2071F3C1FD08DD4876C020F0 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
13:21:56.0346 0x2d34 EgisUpdate - ok
13:21:56.0421 0x2d34 [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
13:21:56.0451 0x2d34 Norton Online Backup - ok
13:21:56.0474 0x2d34 [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
13:21:56.0477 0x2d34 Adobe Reader Speed Launcher - ok
13:21:56.0540 0x2d34 [ B3C4D8357D8C84E2BD459CEB32E1EFD7, 99012008EB8913DA8628BEA590374474086AEAA4F477EA67B9C0A9CB56352C68 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:21:56.0551 0x2d34 StartCCC - ok
13:21:56.0597 0x2d34 [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
13:21:56.0605 0x2d34 IAStorIcon - ok
13:21:56.0654 0x2d34 [ C673F14493A88BE8CE3156B53F37887E, 04932D7423A6AB9E13BFA38E2CEE6610C63FF857FD2A82D4D31E189F508D8757 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
13:21:56.0660 0x2d34 ArcadeMovieService - ok
13:21:56.0702 0x2d34 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
13:21:56.0704 0x2d34 GrooveMonitor - ok
13:21:56.0789 0x2d34 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:21:56.0813 0x2d34 Adobe ARM - ok
13:21:56.0886 0x2d34 [ 555EC7B04FDF156C3BEF6C6814B56BCB, F0261891126091C58AC06D943D68964D5BEC9D90912B67E68E3D5DA541EE57A5 ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
13:21:56.0896 0x2d34 LexwareInfoService - ok
13:21:56.0968 0x2d34 [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:21:56.0987 0x2d34 avgnt - ok
13:21:57.0035 0x2d34 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:21:57.0039 0x2d34 SunJavaUpdateSched - ok
13:21:57.0092 0x2d34 [ FBDC0E172AA0D341FF0084A3DBFD00F5, 5B452DFD516CE88EBCBE5AC6CB7649767FBD68FFF85D62783278FD5670C1D550 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
13:21:57.0107 0x2d34 FUFAXRCV - ok
13:21:57.0136 0x2d34 [ 635DFB2E71D6359E07977E74703ED47E, C45F9208304421A5992C2A16B2B29D12C20C9E314850E1A23264B9162E671C02 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
13:21:57.0150 0x2d34 FUFAXSTM - ok
13:21:57.0227 0x2d34 [ 46D3D19A4745B67DCA6692AFAB0E136D, 4CC62A94C62B7D1DBE592AF29D4251F3A8A13FE3F55A3A8A7DC6495D990093E4 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
13:21:57.0243 0x2d34 EEventManager - ok
13:21:57.0318 0x2d34 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
13:21:57.0321 0x2d34 HP Software Update - ok
13:21:57.0407 0x2d34 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:21:57.0441 0x2d34 Sidebar - ok
13:21:57.0470 0x2d34 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:21:57.0473 0x2d34 mctadmin - ok
13:21:57.0474 0x2d34 IsMyWinLockerReboot - ok
13:21:57.0554 0x2d34 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:21:57.0573 0x2d34 Sidebar - ok
13:21:57.0579 0x2d34 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:21:57.0581 0x2d34 mctadmin - ok
13:21:57.0582 0x2d34 IsMyWinLockerReboot - ok
13:21:57.0773 0x2d34 [ C6DC4C5C59E04BF5C665BAAE04D84699, 9D551C37021AA94F5C1DC85740439EE7D23869367167FA8F8E26FCD64869A1E3 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
13:21:57.0934 0x2d34 AnyDVD - ok
13:21:58.0114 0x2d34 [ C00773621E4C7D1DEE859392D6A7FAD6, A40A288FFB10C869C73E06121C31CCEFF83F5F64F638E29F90ED845AD8DF0BE3 ] C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
13:21:58.0195 0x2d34 Amazon Cloud Player - ok
13:21:58.0259 0x2d34 [ 6ECE746BB283927604DA192CA0D1403D, 327E1E908B6DB1C8414B31DB277EF5EABA340B2EE7FEE19349860B3C8F7778FE ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE
13:21:58.0265 0x2d34 EPLTarget\P0000000000000000 - ok
13:21:58.0303 0x2d34 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
13:21:58.0306 0x2d34 Dropbox Update - ok
13:21:58.0536 0x2d34 [ 0B7389AEDF3CB336B1238F70D82B3832, 0C3C7F00E441B3548E52CB4A059AB898F1947B12D880C30F629ED984F4D1CFED ] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe
13:21:58.0714 0x2d34 SOS_Agent - ok
13:21:58.0897 0x2d34 [ 0B7389AEDF3CB336B1238F70D82B3832, 0C3C7F00E441B3548E52CB4A059AB898F1947B12D880C30F629ED984F4D1CFED ] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe
13:21:58.0992 0x2d34 Steganos VPN Local Proxy - ok
13:21:59.0188 0x2d34 [ 0B7389AEDF3CB336B1238F70D82B3832, 0C3C7F00E441B3548E52CB4A059AB898F1947B12D880C30F629ED984F4D1CFED ] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe
13:21:59.0284 0x2d34 Steganos VPN Proxy Handler - ok
13:21:59.0328 0x2d34 [ FDB4F88B9B1CD409E1DC06AD68BEA2B8, B031473D2B11C00FB9464D0A518DF30BB01EF7A157AE7994C2FDEF1DF6F0C097 ] C:\Users\Admin\AppData\Roaming\SSync\SSync.exe
13:21:59.0330 0x2d34 SSync - ok
13:21:59.0368 0x2d34 [ 92B51A78866EC9EEDE7F0F57D3024F5E, AD8632A471121319AF58DA75531101E2B2EBADABF3A2313509382B2F115C0E79 ] C:\Users\Admin\AppData\Roaming\Sixth\Sixth.exe
13:21:59.0371 0x2d34 Sixth - ok
13:21:59.0391 0x2d34 [ FDB4F88B9B1CD409E1DC06AD68BEA2B8, B031473D2B11C00FB9464D0A518DF30BB01EF7A157AE7994C2FDEF1DF6F0C097 ] C:\Users\Admin\AppData\Roaming\Intermediate\Intermediate.exe
13:21:59.0394 0x2d34 Intermediate - ok
13:21:59.0467 0x2d34 [ 2ABEC407C8A40F9F6F65F88C29E1834C, F3328F599CD3FAE0AF332B852EE62C12847CB1957A8E3058ABE5E38DF00DF1C9 ] C:\Users\Admin\AppData\Roaming\SCheck\SCheck.exe
13:21:59.0470 0x2d34 SCheck - ok
13:21:59.0481 0x2d34 [ A14534908015154865081EBE69E8BD6A, 68E0FEA58E4C03CCB236044479823ED2F3A22122F9D581FC957C46270277DA12 ] C:\Users\Admin\AppData\Roaming\DataMgr\DataMgr.exe
13:21:59.0487 0x2d34 DataMgr - ok
13:21:59.0533 0x2d34 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:21:59.0552 0x2d34 Sidebar - ok
13:21:59.0576 0x2d34 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:21:59.0578 0x2d34 mctadmin - ok
13:21:59.0619 0x2d34 [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
13:21:59.0625 0x2d34 ScrSav - ok
13:21:59.0626 0x2d34 Waiting for KSN requests completion. In queue: 87
13:22:00.0626 0x2d34 Waiting for KSN requests completion. In queue: 87
13:22:01.0626 0x2d34 Waiting for KSN requests completion. In queue: 87
13:22:02.0693 0x2d34 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
13:22:02.0712 0x2d34 Win FW state via NFP2: enabled ( trusted )
13:22:05.0475 0x2d34 ============================================================
13:22:05.0475 0x2d34 Scan finished
13:22:05.0475 0x2d34 ============================================================
13:22:05.0485 0x0e08 Detected object count: 0
13:22:05.0485 0x0e08 Actual detected object count: 0
Vielen Dank schonmal Gruß Daniel |
|
29.07.2015, 06:46
| #6 |
| /// the machine /// TB-Ausbilder | Wo Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Lösung! Erstmal hier fertig machen, dann können wir die Absicherung angehen  Scan mit Combofix
__________________ --> Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren |
|
29.07.2015, 08:52
| #7 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Moin Schrauber, puh, dass war gar nicht so einfach. Unter meinem Administratoraccount kam ich erst gar nicht mehr auf die trojaner-board.de Seite. das www in der URL wurde immer durch ein deeprybka ersetzt. Habe mir die Datei dann über den anderen Account gezogen und im Admin-acc ausgeführt. Hier nun der log von combofix Code:
ATTFilter ComboFix 15-07-23.01 - Admin 29.07.2015 9:29.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.4670 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Admin\AppData\Local\omesuperv.exe
c:\users\Admin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT
c:\users\Admin\AppData\Roaming\Common\LuaRT\alien.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\alien\core.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\alien\struct.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\base.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\base64.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\debug_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\debug_init.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\getopt.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\io_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\array.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\calls.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\number.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\object.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\others.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\strings.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\decode\util.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\array.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\calls.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\number.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\object.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\others.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\output.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\output_utility.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\encode\strings.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\json\util.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\lfs.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\list.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\lpeg.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\ltn12.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\lua.exe
c:\users\Admin\AppData\Roaming\Common\LuaRT\lua5.1.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\lua51.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\luacom.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\luasql\sqlite3.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\math_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
c:\users\Admin\AppData\Roaming\Common\LuaRT\Microsoft.VC80.CRT\msvcm80.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\Microsoft.VC80.CRT\msvcp80.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\Microsoft.VC80.CRT\msvcr80.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\mime.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\mime\core.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\modules.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\Neues Textdokument.txt
c:\users\Admin\AppData\Roaming\Common\LuaRT\package_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\set.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\sha256.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\socket.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\socket\core.dll
c:\users\Admin\AppData\Roaming\Common\LuaRT\socket\http.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\socket\url.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\std.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\strbuf.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\string_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\table_ext.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\tree.lua
c:\users\Admin\AppData\Roaming\Common\LuaRT\wlua.exe
c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\searchplugins\search.xml
c:\users\Daniel\AppData\Local\Vid-Saver
c:\users\Daniel\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-06-28 bis 2015-07-29 ))))))))))))))))))))))))))))))
.
.
2015-07-29 07:35 . 2015-07-29 07:35 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2015-07-29 07:35 . 2015-07-29 07:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-29 07:22 . 2015-07-29 07:22 -------- d-----w- c:\users\Admin\AppData\Local\ext_meduke
2015-07-29 00:20 . 2015-07-29 00:25 -------- d-----w- C:\$Windows.~BT
2015-07-29 00:16 . 2015-07-25 18:07 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-29 00:16 . 2015-07-25 18:04 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-29 00:16 . 2015-07-25 18:04 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-29 00:16 . 2015-07-25 18:03 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-29 00:16 . 2015-07-25 18:03 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-29 00:16 . 2015-07-25 18:03 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-29 00:16 . 2015-07-25 18:03 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-29 00:16 . 2015-07-25 17:55 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-28 10:59 . 2015-07-28 11:17 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-28 10:59 . 2015-07-28 10:59 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-28 10:55 . 2015-07-28 10:59 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-28 10:41 . 2015-07-28 10:41 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-07-28 10:35 . 2015-07-29 07:15 -------- d-----w- c:\users\Admin\AppData\Local\AviraSpeedup
2015-07-27 08:59 . 2015-07-27 18:54 -------- d-----w- C:\FRST
2015-07-27 07:39 . 2015-07-28 10:35 -------- d-----w- c:\users\Admin\AppData\Roaming\Steganos
2015-07-27 07:35 . 2015-07-29 07:21 -------- d-----w- c:\users\Daniel\AppData\Roaming\Steganos VPN
2015-07-27 07:35 . 2015-07-28 10:34 -------- d-----w- c:\users\Public\Speedup Sessions
2015-07-27 07:34 . 2015-07-28 11:27 -------- d-----w- c:\users\Daniel\AppData\Roaming\Steganos
2015-07-27 07:32 . 2015-07-27 07:32 -------- d-----w- c:\program files (x86)\Steganos Online Shield
2015-07-27 07:32 . 2015-07-27 07:32 -------- d-----w- c:\program files (x86)\Common Files\Steganos
2015-07-27 01:50 . 2015-07-27 01:50 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-07-26 10:38 . 2015-07-26 10:38 -------- d-----w- c:\users\Daniel\AppData\Local\Image Composite Editor
2015-07-26 10:37 . 2015-07-26 10:37 -------- d-----w- c:\program files\Microsoft Research
2015-07-26 04:29 . 2015-06-02 00:07 254976 ----a-w- c:\windows\system32\cewmdm.dll
2015-07-26 04:28 . 2015-06-25 08:57 3207168 ----a-w- c:\windows\system32\win32k.sys
2015-07-26 04:28 . 2015-06-17 17:47 404992 ----a-w- c:\windows\system32\gdi32.dll
2015-07-26 04:28 . 2015-06-17 17:37 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-07-26 04:28 . 2015-06-27 02:47 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-07-26 04:28 . 2015-06-27 02:43 5923840 ----a-w- c:\windows\system32\jscript9.dll
2015-07-26 04:28 . 2015-06-27 01:58 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-07-26 04:28 . 2015-06-27 01:39 4520448 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-07-26 04:17 . 2015-07-04 18:07 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-26 04:17 . 2015-07-04 17:48 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-06-30 10:58 . 2015-06-30 10:58 -------- d-----w- c:\users\Daniel\AppData\Local\PDF24
2015-06-30 10:57 . 2015-06-30 10:57 -------- d-----w- c:\program files (x86)\PDF24
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-28 16:45 . 2013-08-19 20:50 162528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-07-28 16:45 . 2013-08-19 20:50 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-07-26 23:52 . 2012-10-21 08:54 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-26 23:52 . 2011-09-02 15:47 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-26 22:37 . 2014-08-28 11:10 107392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2015-07-26 22:37 . 2014-08-28 11:10 35688 ----a-w- c:\windows\system32\LMIport.dll
2015-07-26 22:37 . 2014-08-28 11:10 92520 ----a-w- c:\windows\system32\LMIinit.dll
2015-07-14 09:44 . 2014-09-05 20:34 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-06-02 09:16 . 2015-06-02 09:16 35872 ----a-w- c:\windows\system32\drivers\tap0901.sys
2015-05-25 18:24 . 2015-06-10 06:26 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 06:26 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 06:26 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 06:26 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 06:26 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 06:26 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 06:26 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 06:26 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 06:26 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 06:26 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 06:26 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 06:26 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 06:26 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 06:26 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 06:26 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 06:26 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 06:26 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 06:26 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 06:26 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 06:26 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 06:26 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 06:26 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 06:26 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 06:26 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 06:26 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 06:26 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 06:26 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 06:26 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 06:26 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 06:26 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 06:26 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 06:26 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 06:26 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 06:26 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 06:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 06:26 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 06:26 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 06:26 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 06:26 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 06:26 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 06:26 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 06:26 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 06:26 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 06:26 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-10 06:26 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 06:26 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11B16A3D-F03E-4565-A532-66AB219C9B03}]
2015-04-22 18:06 918016 ----a-w- c:\users\Admin\AppData\Local\ext_meduke\ext_meduke.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{82B16A3D-F03E-4565-A532-666B219C9A53}]
2014-01-23 08:08 153520 ----a-w- c:\users\Admin\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSync"="c:\users\Admin\AppData\Roaming\SSync\SSync.exe" [2013-12-09 37376]
"Sixth"="c:\users\Admin\AppData\Roaming\Sixth\Sixth.exe" [2014-08-04 63624]
"Intermediate"="c:\users\Admin\AppData\Roaming\Intermediate\Intermediate.exe" [2013-12-09 37376]
"SCheck"="c:\users\Admin\AppData\Roaming\SCheck\SCheck.exe" [2015-06-12 50688]
"DataMgr"="c:\users\Admin\AppData\Roaming\DataMgr\DataMgr.exe" [2014-01-23 168824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-18 336384]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-05-13 177448]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-07-28 782008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2012-07-09 502952]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2012-07-09 863400]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2012-04-02 1058912]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2015-06-24 217632]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-07-14 5579624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SOS_Agent"="c:\program files (x86)\Steganos Online Shield\OnlineShieldClient.exe" [2015-07-09 6200336]
"SOS Browser Monitor"="c:\program files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe" [2015-07-08 75776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2015-06-15 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files (x86)\WinTV\Ir.exe /QUIET [2011-11-3 117344]
BCL ALLPDF Printer Monitor.lnk - c:\program files\BCL Technologies\ALLPDF 3\eptray.exe [2011-7-7 2364416]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
WinTV Recording Status..lnk - c:\program files (x86)\WinTV\WinTV7\WinTVTray.exe [2011-11-3 83456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys;c:\windows\SYSNATIVE\Drivers\hcw95bda.sys [x]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys;c:\windows\SYSNATIVE\DRIVERS\hcw95rc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBTINSP;TI-Nspire(TM) Handheld or TI Network Bridge Device Driver;c:\windows\system32\DRIVERS\tinspusb.sys;c:\windows\SYSNATIVE\DRIVERS\tinspusb.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HauppaugeTVServer;HauppaugeTVServer;c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE;c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 Online Shield Starter Service;Online Shield Starter Service;c:\program files (x86)\Steganos Online Shield\OnlineShieldService.exe;c:\program files (x86)\Steganos Online Shield\OnlineShieldService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe;c:\oem\USBDECTION\USBS3S4Detection.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-21 23:52]
.
2015-07-29 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job
- c:\users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 08:09]
.
2015-07-29 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job
- c:\users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 08:09]
.
2015-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 00:44]
.
2015-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 00:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2014-02-07 57928]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.fbdownloader.com/?channel=fpo&t=4F8CF61F44891799
mDefault_Search_URL = https://safesearch.avira.com/
mDefault_Page_URL = https://safesearch.avira.com/
mStart Page = https://safesearch.avira.com/
mSearch Page = https://safesearch.avira.com/
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.fbdownloader.com/search.php?channel=fpo&q=
FF - prefs.js: browser.startup.homepage - hxxp://search.fbdownloader.com/?channel=fpo&t=4F8CF61F44891799
FF - prefs.js: keyword.URL - hxxp://search.fbdownloader.com/search.php?channel=fpo&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
Toolbar-10 - (no file)
Toolbar-{d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKCU-Run-OMESupervisor - c:\users\Admin\AppData\Local\omesuperv.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{d1dac034-9fd9-4c13-a388-d2e10e57707f} - c:\program files (x86)\ilividmoviestoolbar181\IE\searchresultsDx64.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Reise nach Nordland - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-29 09:47:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-07-29 07:47
.
Vor Suchlauf: 11 Verzeichnis(se), 350.295.646.208 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 349.799.362.560 Bytes frei
.
- - End Of File - - E7CD97728BA7BA872037E7237838958F
|
|
29.07.2015, 15:15
| #8 |
| /// the machine /// TB-Ausbilder | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.07.2015, 17:50
| #9 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren So dann mal ein Haufen Logs für den lieben Schrauber mbamlog: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 29.07.2015 Suchlaufzeit: 17:25 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.29.04 Rootkit-Datenbank: v2015.07.29.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Admin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 482527 Abgelaufene Zeit: 15 Min., 40 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwareCleaner log: Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 29/07/2015 um 17:54:13
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Admin - DEEPTHOUGHT
# Gestarted von : C:\Users\Admin\Desktop\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\torchcrashhandler
Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Fifth
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Seventh
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Sixth
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\foxydeal.sqlite
***** [ Geplante Tasks ] *****
Task Gelöscht : Fifth
Task Gelöscht : OMESupervisor
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Sixth]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v39.0 (x86 de)
[c0fh0669.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=fpo&q=");
[c0fh0669.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.fbdownloader.com/?channel=fpo&t=4F8CF61F44891799");
[c0fh0669.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://search.fbdownloader.com/search.php?channel=fpo&q=");
[c0fh0669.default\prefs.js] - Zeile Gelöscht : user_pref("simplenewtab.url", "hxxp://search.fbdownloader.com/?channel=fpo_nt&t=4F8CF61F44891799");
[b7xgpkqj.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[b7xgpkqj.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.crossrider.bic", "13a22205afb98accb7767b90c1ddb086");
[b7xgpkqj.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.crossriderapp3491@crossrider.com.install-event-fired", true);
[b7xgpkqj.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar_AVIRA-V7@apn.ask.com.install-event-fired", true);
[b7xgpkqj.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=542&systemid=406&v=n11465-250&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=1153554523314747&o=APN10645&q=");
*************************
AdwCleaner[R0].txt - [7699 Bytes] - [29/07/2015 17:52:15]
AdwCleaner[S0].txt - [7134 Bytes] - [29/07/2015 17:54:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7193 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Admin on 29.07.2015 at 17:57:22,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\AviraSpeedup
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11B16A3D-F03E-4565-A532-66AB219C9B03}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11B16A3D-F03E-4565-A532-66AB219C9B03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11B16A3D-F03E-4565-A532-66AB219C9B03}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2015 at 18:17:59,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Admin (Administrator) auf DEEPTHOUGHT (29-07-2015 18:22:24)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Daniel & Admin & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-02-07] (LogMeIn, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-06-24] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKU\S-1-5-18\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [75776 2015-07-08] (Steganos Software GmbH)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2011-11-03]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BCL ALLPDF Printer Monitor.lnk [2015-03-08]
ShortcutTarget: BCL ALLPDF Printer Monitor.lnk -> C:\Program Files\BCL Technologies\ALLPDF 3\eptray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-11-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk [2011-11-03]
ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1088146415-38023645-2323927296-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: haufereader - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2CAADFF7-B477-4AF5-A003-8DEDB63B5FFE}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{79FEF043-A9D9-446C-B552-6F996BCEE660}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-27] ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\searchplugins\google-images.xml [2015-06-17]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\searchplugins\google-maps.xml [2015-06-17]
FF Extension: Cliqz Beta - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\Extensions\cliqz@cliqz.com.xpi [2015-06-17]
FF HKU\S-1-5-21-1088146415-38023645-2323927296-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Kein Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [602624 2010-03-29] (Hauppauge Computer Works) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-07-27] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-02-07] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [345136 2015-07-09] (Steganos Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 18:22 - 2015-07-29 18:22 - 00019616 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-29 18:17 - 2015-07-29 18:17 - 00001233 _____ C:\Users\Admin\Desktop\JRT.txt
2015-07-29 17:47 - 2015-07-29 17:55 - 00000022 _____ C:\Windows\S.dirmngr
2015-07-29 17:45 - 2015-07-29 17:54 - 00000000 ____D C:\AdwCleaner
2015-07-29 17:19 - 2015-07-29 17:55 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 17:19 - 2015-07-29 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-29 17:19 - 2015-07-29 17:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-29 17:19 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-29 17:16 - 2015-07-29 17:18 - 02169856 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-07-29 17:08 - 2015-07-29 17:19 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-29 17:08 - 2015-07-29 17:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2015-07-29 17:08 - 2015-07-29 17:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-07-29 17:08 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-29 17:07 - 2015-07-29 16:59 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Admin\Desktop\JRT.exe
2015-07-29 17:07 - 2015-07-29 16:56 - 02248704 _____ C:\Users\Admin\Desktop\AdwCleaner_4.208.exe
2015-07-29 17:07 - 2012-07-12 14:54 - 10652120 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.62.0.1300.exe
2015-07-29 16:57 - 2015-07-29 16:59 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Daniel\Downloads\JRT.exe
2015-07-29 16:55 - 2015-07-29 16:56 - 02248704 _____ C:\Users\Daniel\Downloads\AdwCleaner_4.208.exe
2015-07-29 16:54 - 2015-07-29 17:03 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-29 15:03 - 2015-07-29 15:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\{A9E69C0F-FE9B-4C6C-9E5F-971F8AC9D2F0}
2015-07-29 09:47 - 2015-07-29 09:47 - 00038177 _____ C:\ComboFix.txt
2015-07-29 09:41 - 2015-07-29 17:50 - 00000352 _____ C:\Windows\wininit.ini
2015-07-29 09:27 - 2015-07-29 09:47 - 00000000 ____D C:\Qoobox
2015-07-29 09:27 - 2015-07-29 09:46 - 00000000 ____D C:\Windows\erdnt
2015-07-29 09:27 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-29 09:27 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-29 09:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-29 09:26 - 2015-07-29 09:25 - 05633622 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2015-07-29 09:23 - 2015-07-29 09:25 - 05633622 _____ (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2015-07-29 09:22 - 2015-07-29 09:22 - 00000000 ____D C:\Users\Admin\AppData\Local\ext_meduke
2015-07-29 09:18 - 2015-07-29 17:55 - 00000280 _____ C:\Windows\setupact.log
2015-07-29 09:18 - 2015-07-29 09:18 - 00000000 _____ C:\Windows\setuperr.log
2015-07-29 09:17 - 2015-07-29 17:55 - 00264470 _____ C:\Windows\PFRO.log
2015-07-29 02:20 - 2015-07-29 02:25 - 00000000 ____D C:\$Windows.~BT
2015-07-29 02:16 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:16 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:16 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:16 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 13:19 - 2015-07-28 13:19 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-07-28 13:17 - 2015-07-28 13:19 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe
2015-07-28 12:59 - 2015-07-29 17:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-28 12:55 - 2015-07-28 13:16 - 00000000 ____D C:\Users\Admin\Desktop\mbar
2015-07-28 12:55 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-28 12:54 - 2015-07-28 12:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.09.1.1004.exe
2015-07-28 12:48 - 2015-07-28 12:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe
2015-07-28 12:41 - 2015-07-28 12:41 - 00001268 _____ C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2015-07-28 12:41 - 2015-07-28 12:41 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-28 12:39 - 2015-07-28 12:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2015-07-28 12:35 - 2015-07-29 09:15 - 00000000 ____D C:\Users\Admin\AppData\Local\AviraSpeedup
2015-07-27 10:59 - 2015-07-29 18:22 - 00000000 ____D C:\FRST
2015-07-27 10:59 - 2015-07-27 20:54 - 00060762 _____ C:\Users\Daniel\Downloads\FRST.txt
2015-07-27 10:59 - 2015-07-27 20:54 - 00042061 _____ C:\Users\Daniel\Downloads\Addition.txt
2015-07-27 10:57 - 2015-07-27 10:58 - 02146816 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2015-07-27 09:39 - 2015-07-28 12:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steganos
2015-07-27 09:35 - 2015-07-29 10:32 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos VPN
2015-07-27 09:35 - 2015-07-28 12:34 - 00000000 ____D C:\Users\Public\Speedup Sessions
2015-07-27 09:35 - 2015-07-27 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-07-27 09:34 - 2015-07-28 13:27 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos
2015-07-27 09:32 - 2015-07-27 09:32 - 00001123 _____ C:\Users\Public\Desktop\Steganos Online Shield.lnk
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\Program Files (x86)\Steganos Online Shield
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-26 12:38 - 2015-07-26 12:38 - 00000000 ____D C:\Users\Daniel\AppData\Local\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\Program Files\Microsoft Research
2015-07-26 12:28 - 2015-07-26 12:33 - 07195928 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x64.exe
2015-07-26 12:28 - 2015-07-26 12:33 - 06505592 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x86.exe
2015-07-26 12:28 - 2015-07-26 12:30 - 01422408 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_arm.exe
2015-07-26 12:22 - 2015-07-26 12:25 - 07963136 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-64-bit-Windows.msi
2015-07-26 12:15 - 2015-07-26 12:18 - 07440896 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-32-bit-Windows.msi
2015-07-26 07:03 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-26 07:03 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-26 07:03 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-26 07:03 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-26 07:03 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-26 07:03 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-26 07:03 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-26 07:03 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-26 07:03 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-26 07:03 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-26 07:03 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-26 07:03 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-26 07:03 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-26 07:03 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-26 07:03 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-26 07:03 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-26 07:03 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-26 07:03 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-26 07:03 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-26 07:03 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-26 07:03 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-26 07:03 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-26 07:03 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-26 07:03 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-26 07:03 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-26 07:03 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-26 06:57 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-26 06:57 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-26 06:57 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-26 06:57 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-26 06:57 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-26 06:57 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-26 06:57 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-26 06:57 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-26 06:29 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-26 06:29 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-26 06:29 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-26 06:29 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-26 06:29 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-26 06:28 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-26 06:28 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-26 06:28 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-26 06:28 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-26 06:28 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-26 06:17 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-26 06:17 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-26 06:16 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-26 06:16 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-26 06:16 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-26 06:16 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-26 06:16 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-26 06:16 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-26 06:16 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-26 06:16 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-26 06:16 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-26 06:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-26 02:28 - 2015-07-26 02:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-07 22:40 - 2015-07-26 00:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 10:33 - 2015-07-07 10:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\{4BAEA186-020B-4086-B44A-FF6BF01F00F6}
2015-06-30 12:58 - 2015-06-30 12:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00001063 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-06-30 12:51 - 2015-06-30 12:51 - 01198368 _____ C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe
2015-06-30 12:24 - 2015-06-30 12:24 - 00493636 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.rar
2015-06-30 12:22 - 2015-06-30 12:22 - 00522576 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.pages
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 18:16 - 2011-08-10 16:29 - 01910264 _____ C:\Windows\WindowsUpdate.log
2015-07-29 18:05 - 2015-06-19 10:09 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job
2015-07-29 18:05 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:05 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:02 - 2011-08-05 18:38 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-07-29 18:02 - 2011-08-05 18:38 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-07-29 18:02 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 18:00 - 2011-11-02 14:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-29 17:58 - 2014-09-11 07:59 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-07-29 17:55 - 2014-08-28 13:11 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-07-29 17:55 - 2014-08-28 13:10 - 00000992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-07-29 17:55 - 2011-11-02 14:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 17:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 17:46 - 2012-10-21 10:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 17:45 - 2011-10-04 22:32 - 00000000 ____D C:\ProgramData\ICQ
2015-07-29 17:19 - 2012-07-12 14:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-29 16:25 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\Windows Live
2015-07-29 12:01 - 2012-03-26 23:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-07-29 10:31 - 2014-08-28 12:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\LogMeIn Hamachi
2015-07-29 10:31 - 2012-03-01 13:40 - 00000040 ___SH C:\ProgramData\.zreglib
2015-07-29 09:47 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-29 09:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 09:35 - 2014-02-06 22:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Common
2015-07-29 09:22 - 2013-11-11 18:21 - 00000000 ___RD C:\Users\Daniel\Dropbox
2015-07-29 09:22 - 2013-11-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
2015-07-29 09:21 - 2011-08-30 16:30 - 00000000 ____D C:\ProgramData\clear.fi
2015-07-29 09:18 - 2009-07-14 06:45 - 00435960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-29 09:16 - 2014-04-30 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 02:26 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2015-07-29 02:11 - 2015-06-19 10:09 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job
2015-07-29 00:34 - 2014-08-28 12:56 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-28 18:46 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 18:45 - 2013-08-19 22:50 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 18:45 - 2013-08-19 22:50 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 12:40 - 2014-03-29 11:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Avira
2015-07-27 11:07 - 2011-08-30 19:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Microsoft Help
2015-07-27 10:50 - 2011-08-30 14:55 - 00117064 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 09:43 - 2014-03-29 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-07-27 09:43 - 2012-10-03 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-07-27 09:43 - 2011-11-03 01:02 - 00000000 ____D C:\Windows\Minidump
2015-07-27 09:36 - 2013-10-14 15:57 - 00117064 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 09:35 - 2013-08-19 22:50 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-27 09:08 - 2013-10-14 15:56 - 00000000 ____D C:\Users\Admin
2015-07-27 04:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-27 03:22 - 2014-12-10 04:19 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-27 03:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-27 03:05 - 2011-08-30 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-27 01:52 - 2012-10-21 10:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-27 01:52 - 2012-10-21 10:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-27 01:52 - 2011-09-02 17:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-27 00:40 - 2014-08-28 13:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-07-27 00:37 - 2014-08-28 13:10 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-07-26 18:10 - 2011-09-01 22:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-07-26 17:30 - 2013-11-25 14:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-07-26 12:37 - 2014-08-05 11:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-26 03:06 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-26 03:00 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-26 02:00 - 2015-06-19 10:09 - 00004200 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA
2015-07-26 02:00 - 2015-06-19 10:09 - 00003804 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core
2015-07-26 01:55 - 2011-11-02 14:02 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-26 01:55 - 2011-11-02 14:02 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-26 00:33 - 2012-07-13 13:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 11:44 - 2014-09-05 22:34 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-07 17:28 - 2014-04-30 11:00 - 00000000 ____D C:\Users\Daniel\Desktop\TSGHomepage
2015-07-01 09:31 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Avira
2015-07-01 09:31 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 21:32 - 2015-01-21 19:58 - 00000000 ____D C:\Users\Daniel\Desktop\TSG Jugendwart
2015-06-30 13:08 - 2013-08-17 20:39 - 00000000 ____D C:\Users\Daniel\Desktop\Patricia
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-03-01 13:40 - 2015-07-29 10:31 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-08-10 17:09 - 2011-08-10 17:11 - 0014802 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-03-16 14:39 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-02-16 12:59 - 2014-04-24 16:11 - 0013764 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-26 02:16
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Admin (2015-07-29 18:22:54)
Gestartet von C:\Users\Admin\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-1088146415-38023645-2323927296-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1088146415-38023645-2323927296-500 - Administrator - Disabled)
Daniel (S-1-5-21-1088146415-38023645-2323927296-1000 - Limited - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-1088146415-38023645-2323927296-501 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-1088146415-38023645-2323927296-1002 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0225.2011 - Acer Incorporated)
Acoustica MP3 To Wave Converter PLUS (HKLM-x32\...\Acoustica MP3 To Wave Converter PLUS) (Version: 2.5 - Acoustica, Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.0.0 - SlySoft)
ATI AVIVO64 Codecs (Version: 11.6.0.10218 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B64BEED7-3DC2-53FF-6FDC-D8B636B585A4}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.10.1246 - Avira Operations GmbH & Co. KG)
B109a-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
BCL ALLPDF Converter 3.0 (HKLM\...\{67FBF90D-1D1A-410B-956A-E7A8778A9223}) (Version: 3.0.8 - BCL Technologies)
BCL easyPDF Printer 6 (HKLM\...\{8EAF3C82-921D-47E1-8685-B36B4E6B5039}) (Version: 6.3.17 - BCL Technologies)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.0.7 - BlueJ Team)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3007 - Acer Incorporated)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.0 - CLIQZ.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
DynaGeo 3.8c (HKLM-x32\...\DynaGeo_is1) (Version: - Roland Mechling)
E.M. Free Photo Collage 1.30 (HKLM-x32\...\E.M. Free Photo Collage 1.30_is1) (Version: - EffectMatrix, Inc.)
E.M. Multilayer Image Processing SDK 1.30 (HKLM-x32\...\E.M. Multilayer Image Processing SDK 1.30_is1) (Version: - EffectMatrix, Inc.)
Epson Benutzerhandbuch WF-2540 Series (HKLM-x32\...\WF-2540 Series Useg) (Version: - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2540 Series (HKLM-x32\...\WF-2540 Series Netg) (Version: - )
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Studio version 5.7.4.918 (HKLM-x32\...\Free Studio_is1) (Version: 5.7.4.918 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.31.917 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.31.917 - DVDVideoSoft Ltd.)
Funktionenplotter 15.1 (HKLM-x32\...\Der ultimative Funktionenplotter_is1) (Version: 15.1 - Werner Brandes)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeoGebra (HKLM-x32\...\GeoGebra) (Version: 4.0.16.0 - International GeoGebra Institute)
Google Chrome Frame (HKLM-x32\...\{8618AE04-1210-3C32-A8C3-45A5E44CD340}) (Version: 65.169.107 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
Haufe iDesk-Browser (HKLM-x32\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Browser (HKLM-x32\...\{56FDB311-6511-11DE-832F-0050560400B1}) (Version: 9.06.30.7144 - Haufe)
Haufe iDesk-Service (HKLM-x32\...\{27F10580-E040-11DF-8C28-005056B12123}) (Version: 10.10.25.7810 - Haufe)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: 7.0.28130 - Hauppauge Computer Works)
Hauppauge WinTV Infrared Remote (HKLM-x32\...\Hauppauge WinTV Infrared Remote) (Version: 2.66.28078 - Hauppauge Computer Works, Inc.)
HP Photosmart B109a-m All-in-One Driver 14.0 Rel. 6 (HKLM\...\{A253A57F-4319-49B5-B405-64587FFBCFE2}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170050}) (Version: 1.7.0.50 - Oracle)
Java(TM) 6 Update 2 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaFX 2.1.1 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Klett Begleit-CD LS NW 8 (HKLM-x32\...\Klett Begleit-CD LS NW 8) (Version: - )
Konz 2012 (HKLM-x32\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM)
Konz 2012 (x32 Version: 1.00.0000 - USM) Hidden
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
LOCAD2004 (HKLM-x32\...\LOCAD2004) (Version: - )
LogMeIn (HKLM-x32\...\{9905E4C1-14D8-4522-88FE-FD00B51A20DC}) (Version: 4.1.4408 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 7.0.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Reise nach Nordland (HKLM-x32\...\Reise nach Nordland) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.4.16 - Steganos Software GmbH)
Steuer 2007 (HKLM-x32\...\{5E8C42DD-7E43-462C-84CC-99E5BBE3E101}) (Version: 14.00 - Lexware)
Steuer 2007 (x32 Version: 14.00 - Lexware) Hidden
Steuer 2008 (HKLM-x32\...\{6181E138-C21C-471C-9238-F2F59C314C6C}) (Version: 15.00.00.0033 - Lexware)
Steuer 2008 (x32 Version: 15.00.00.0033 - Lexware) Hidden
Steuer 2009 (HKLM-x32\...\{410AB9BC-B057-4D39-9260-660EE1B4BED2}) (Version: 16.00.00.0039 - Lexware GmbH & Co. KG)
Steuer 2010 (HKLM-x32\...\{4B526075-AF27-47A2-860D-3DA92928A051}) (Version: 17.00.00.0062 - Haufe-Lexware GmbH & Co.KG)
Steuer 2011 (HKLM-x32\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH)
Steuer Hilfesammlung (HKLM-x32\...\{67DABCB4-239C-4E02-805E-DEA0DDCB1926}) (Version: 15.0.0.0 - Haufe Mediengruppe)
Steuer Hilfesammlung (HKLM-x32\...\{B754B683-E23C-4583-9312-50AD86836B42}) (Version: 14.0.0.0 - Haufe Mediengruppe)
Steuer-Hilfesammlung 2009 (HKLM-x32\...\{C3542652-4C59-4A96-982A-06EBB3F47819}) (Version: 16.0.0.0 - Haufe Mediengruppe)
Steuer-Hilfesammlung 2010 (HKLM-x32\...\{3BEFC315-7F74-4F71-B704-2CAF4DC046BB}) (Version: 17.0.0.0 - Haufe-Lexware GmbH & Co. KG)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
VSO Downloader 2.9.6.6 (HKLM-x32\...\{DB70FB55-1515-4C75-95C8-FFBD5FE041F8}_is1) (Version: 2.9.6.6 - VSO Software)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
28-07-2015 12:42:47 Revo Uninstaller's restore point - Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.)
28-07-2015 12:45:25 Revo Uninstaller's restore point - Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
29-07-2015 09:16:28 Windows Update
29-07-2015 17:57:37 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-29 09:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0FFAD65F-25EE-4383-8750-7FF61C2A905D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {1E659DED-CBEF-4F9F-9ECB-CC41BEE35CAF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {2EA5B4ED-738F-42D6-9B74-CD7716F042F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {31634C60-48EB-4C9D-9737-AAD22E562A98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-27] (Adobe Systems Incorporated)
Task: {522872A1-F5CC-48DF-926C-A349DDC6804F} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {532601DF-E89B-4F5D-9ACE-EE3F9A7AA469} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {725093CA-0FF6-4D96-85A6-C8F8F53145E4} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {98DE768D-56BC-4256-8F3D-E2841E7C0209} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {C46DC42D-F3B9-4ACA-9D62-4F4D29BCB55D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-12-01] (Acer)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Daniel\Desktop\Plakat (klein) – Party.pages:com.dropbox.attributes
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1088146415-38023645-2323927296-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{02B923C1-9327-47B0-AF8B-69C1A1630BC8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7691D91E-AF89-4F9A-83FD-8B878D1F5FCE}] => (Allow) LPort=2869
FirewallRules: [{6A6DA178-35FD-4264-BD36-2339129E44EC}] => (Allow) LPort=1900
FirewallRules: [{B0868073-8BAB-477D-BC8E-FFFF71F9323C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FCC3BBCF-6D41-4928-8324-2C767C582FC7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{FBFB6F42-D0FF-49F4-A366-7D02CEE168A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{67D720A8-5A4C-40AE-8811-436757F73244}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{33C280C0-43C8-4147-BA6B-F8C0A53BBE72}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{2EF80DC0-937A-4361-A338-F9BDDB39ECED}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{5566B57F-4403-4A3B-8E98-0817C81E6CB5}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{B5D3F706-9866-4A84-98D2-7F755EF0D2A9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E84536E6-E502-417E-8836-CF17CC35267F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E60AA6F0-D274-45D0-A76E-9F143CA972AF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{45385446-F846-435F-A3B1-4CA01BBE66CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C39DA0BE-5275-4486-A006-2F9691F6B988}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{16555E27-C525-40F3-8AB0-7E35FA30F939}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5A0D4804-B68E-4DC2-AFA2-18477B15FA0D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{6E6620CF-6380-497D-BEE1-ECFB7994015A}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{AA57A6B7-EEF8-4A44-80D1-2941DCB9C2AF}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7D8F0041-B7FC-4C55-932F-1CA617C8AEDD}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe
FirewallRules: [{485E5BFA-FDFF-4180-A530-63E1FCF11E94}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe
FirewallRules: [TCP Query User{8C9F6752-04A3-45D2-8B0B-7F70A917537C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{EDF77D42-BFB0-4554-8918-77853ED8C7C7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{5E69BDB9-3C20-4F99-B623-33920D241C51}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7892101A-69A7-4082-99FE-28A91AA69320}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C07C451F-0DCE-49AF-8B51-AF5928C28DF2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{EC465FE8-256C-4A3D-939E-4D43A599D29B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{E47638F2-0299-4751-81E8-1E18EC4E2A82}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3AF29F1A-F126-4C79-9EE0-F5D74E1BEFD0}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{7D01E60B-924E-44BF-B174-1AB4B0C18C91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{706D5D51-0D26-46EE-94DC-F6A64ACE8CB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9D58F428-DB54-49E6-A5B2-2F67C79D6894}C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe] => (Allow) C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe
FirewallRules: [UDP Query User{323D7378-2532-4122-8030-F14488562634}C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe] => (Allow) C:\users\daniel\appdata\roaming\steganos\onlineshield\proxy\node.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/29/2015 05:59:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x68c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/29/2015 05:55:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2015 05:47:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2015 05:05:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/29/2015 04:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e45b
ID des fehlerhaften Prozesses: 0x2720
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3
Error: (07/29/2015 09:40:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2015 09:22:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e45b
ID des fehlerhaften Prozesses: 0x278
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3
Error: (07/29/2015 09:18:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 12:51:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm uninstall.exe, Version 1.8.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 20dc
Startzeit: 01d0c92286711fa6
Endzeit: 1
Anwendungspfad: C:\Users\Admin\AppData\Local\Temp\nsf414B.tmp\uninstall.exe
Berichts-ID:
Error: (07/27/2015 09:36:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Name des fehlerhaften Moduls: OnlineShieldClient.exe, Version: 1.4.16.11329, Zeitstempel: 0x559e3f4d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003f68a
ID des fehlerhaften Prozesses: 0x1760
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3
Systemfehler:
=============
Error: (07/29/2015 06:00:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (07/29/2015 05:58:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 05:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 05:58:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 05:58:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 05:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 05:58:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 05:58:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 05:58:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 05:58:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Epson Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (03/06/2015 09:03:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 132335 seconds with 4020 seconds of active time. This session ended with a crash.
Error: (02/11/2015 08:30:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1340453 seconds with 660 seconds of active time. This session ended with a crash.
Error: (02/04/2015 06:25:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 728136 seconds with 780 seconds of active time. This session ended with a crash.
Error: (11/18/2014 05:22:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 86841 seconds with 120 seconds of active time. This session ended with a crash.
Error: (11/20/2013 08:46:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 210 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity:
===================================
Date: 2015-07-29 09:35:19.527
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-07-29 09:35:19.478
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 22%
Total physical RAM: 8174.47 MB
Available physical RAM: 6301.92 MB
Total Virtual: 16347.15 MB
Available Virtual: 14413.19 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:457.45 GB) (Free:325.33 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.96 GB) (Free:457.86 GB) NTFS
Drive i: () (Removable) (Total:14.83 GB) (Free:4.37 GB) FAT32
Drive l: (Iomega_HDD) (Fixed) (Total:931.51 GB) (Free:265.24 GB) NTFS
Drive m: (Elements) (Fixed) (Total:931.51 GB) (Free:517.16 GB) NTFS
Drive n: (STORE N GO) (Removable) (Total:3.73 GB) (Free:3.7 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D5B4D407)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 04156222)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 5 (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 9 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00056EF3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
LG Daniel |
|
30.07.2015, 08:17
| #10 |
| /// the machine /// TB-Ausbilder | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst]ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.07.2015, 10:10
| #11 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst] so hier schonmal der log vom ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fbe8c5dfe20ec041a5e10ce432cf89ed
# end=init
# utc_time=2015-07-30 01:47:10
# local_time=2015-07-30 03:47:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25049
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fbe8c5dfe20ec041a5e10ce432cf89ed
# end=updated
# utc_time=2015-07-30 02:07:55
# local_time=2015-07-30 04:07:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fbe8c5dfe20ec041a5e10ce432cf89ed
# engine=25049
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-30 04:55:31
# local_time=2015-07-30 06:55:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 61457344 189905181 0 0
# scanned=519414
# found=52
# cleaned=0
# scan_time=10056
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=A5B18BC1BB4B5A15A920B6B296E91D4B4C1F9F7E ft=1 fh=637e9a458de3601b vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Fifth\userid.dll.vir"
sh=564B632811D3E0B9216EF6D598617B469E6172CB ft=1 fh=0aa6a79dce02767d vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Intermediate\chunprot.dll.vir"
sh=D18ADEC9402DD028663B6FEB5F9B7A9D87D8A2E0 ft=1 fh=de8bd3b224dbd08d vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Intermediate\Intermediate.exe.vir"
sh=A5B18BC1BB4B5A15A920B6B296E91D4B4C1F9F7E ft=1 fh=637e9a458de3601b vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Intermediate\userid.dll.vir"
sh=1698DF3FD58B9ADFBDA830C7098D61954920E787 ft=1 fh=dda02248d130b73c vn="Variante von Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\SCheck\chunprot.dll.vir"
sh=83F3FD03A55A764980070A237F706A1D7D9970DE ft=1 fh=e11d85b5b0c3d303 vn="Variante von Generik.ENMAZWE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\SCheck\ntdllinst.exe.vir"
sh=A5B18BC1BB4B5A15A920B6B296E91D4B4C1F9F7E ft=1 fh=637e9a458de3601b vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Seventh\userid.dll.vir"
sh=23DF8C3BF065F4F25F27263E0E49F4EE7F413537 ft=1 fh=ed9f34651df2b868 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Sixth\Sixth.exe.vir"
sh=233BEF22AAA79D70767737373C51CF6C728A44E2 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Win32/Adware.Snoozer.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\SSync\main.bin.vir"
sh=D18ADEC9402DD028663B6FEB5F9B7A9D87D8A2E0 ft=1 fh=de8bd3b224dbd08d vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\SSync\SSync.exe.vir"
sh=94A92A75386E9BBF299FA9152D73A2CE81277CA6 ft=1 fh=0a160eb20c54cdfd vn="Mehrere Bedrohungen" ac=I fn="C:\Qoobox\Quarantine\C\Users\Admin\AppData\Local\omesuperv.exe.vir"
sh=49AD5D90BD5BB58441293DF3534AD8D69EB30DF3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Daniel\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx.vir"
sh=1DCB2CA9348BCCDE73A9CE801EA3FC2DEB479D2E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\background.js"
sh=1B85DF01132C1D5E6360E3BD3A66FA1B827A3504 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\cookie_store.js"
sh=6B8CEE526A3C804A039246859F776561C00813A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\data_store.js"
sh=2ACB009AE5BE5D70786A25D45C6B0673977C8604 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\reports.js"
sh=A5B18BC1BB4B5A15A920B6B296E91D4B4C1F9F7E ft=1 fh=637e9a458de3601b vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Temp\nsk4967.tmp\userid.dll"
sh=A5B18BC1BB4B5A15A920B6B296E91D4B4C1F9F7E ft=1 fh=637e9a458de3601b vn="Variante von Win32/Adware.Snoozer.E Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Temp\nsv933A.tmp\userid.dll"
sh=69F688416792260A76360424676EB0CDC62E5970 ft=1 fh=09859144d07e6483 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF10.dll"
sh=6B0A488B0C0099E48CCCE954A10146F2E7BE445E ft=1 fh=2137e60e27f18acd vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF11.dll"
sh=35C73FBEC676A0F9C2D2964FF1E4323744EFDA57 ft=1 fh=097f3082c5bec862 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF12.dll"
sh=F60410C345637FF41DA50D85750B3B6739CE7EF7 ft=1 fh=e2244f1a59f1b23f vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF13.dll"
sh=7D5AAD0353D93B5FC67FE53F0F7F13A763A45A32 ft=1 fh=c1300eb0a9f9fd47 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF14.dll"
sh=ABAB6BA3B2350D18B9567C9F6B65F0021D231A8A ft=1 fh=21311f8dbf8e1282 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF15.dll"
sh=C7AD4C26268591B58E70320EB23C36EF067536DC ft=1 fh=f12cb9df3c85e33f vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF16.dll"
sh=A01DF882C7A03A5127369E96FE01166435D0DA8A ft=1 fh=2d35e556b4914abb vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF17.dll"
sh=10CB163544480F388405919EDCD0A3D7BE1629A0 ft=1 fh=083948aa421caeef vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF18.dll"
sh=80492B0CF712310175D88841AE60CBCFBB75A8C0 ft=1 fh=060aa7f17486caf6 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF19.dll"
sh=7AD2027392AC043407077774E323677716B0BDA5 ft=1 fh=ba47773888022c43 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF2.dll"
sh=456046C59266011D268C5C7A74325EF6A4010AB7 ft=1 fh=b699e29a6c9aba84 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF20.dll"
sh=016DD8ED4B1AB2B98ACED394A68EF74A7F350132 ft=1 fh=4a932b82f002fac1 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF21.dll"
sh=F1D1288AB0090C386E71A98FF83266860A96CC6B ft=1 fh=6e56e89317b46db4 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF22.dll"
sh=6897059286B53D9364B7B84FDCBC84B00895F2DC ft=1 fh=ec5b38081b041898 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF23.dll"
sh=42B0E69CB33C634CFBB817603148E11F55963934 ft=1 fh=d0ac3cb497481981 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF24.dll"
sh=903A447F5B583619097EBF6B81673668FC93CE19 ft=1 fh=d1740bbf7215638c vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF25.dll"
sh=F51AA3804ED5F6B71793D414294C1E748C686F9C ft=1 fh=6141fc4637208873 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF26.dll"
sh=D2EDD9E100800DABBDE81257138CD4FB0170F7F1 ft=1 fh=5f2b14d07225a9a7 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF27.dll"
sh=5CF38B8D09FDA41F0726847607B089005FE775F0 ft=1 fh=daa1acc286ff704a vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF4.dll"
sh=19D0D75681E9F75240EDA743EA318A35FB7A1BAE ft=1 fh=25e14b8ec9b64399 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF5.dll"
sh=B77AD4942BB321DF2073665CF6FA80356AC3B128 ft=1 fh=7cbc49ea573072ec vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF6.dll"
sh=FD51605835626DA156E09D9369231E4287208C0F ft=1 fh=aa4ffe85ca639698 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF7.dll"
sh=BADB06FD4A91A2BD070820211FCBFF7A64339D5B ft=1 fh=855f2d2170ae8c0e vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF8.dll"
sh=95C676BACBA20887A4DCD9496F6F64CB955B2764 ft=1 fh=dc7ac1032afac9b5 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF9.dll"
sh=3921CD27F4BD81B0FF0DE29A855DF6026AF3D15C ft=1 fh=bd7257891175493f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\FreeStudio_5.7.4.918.exe"
sh=F3BF5E95D48789FCF2387B1F75066F4DF8064741 ft=1 fh=7de9aaa91ff7b277 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter.exe"
sh=3308BEBA5E02E49A1363583BB8CEA8AAA26B9D85 ft=1 fh=7b4073d88eb8119f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter31124.exe"
sh=D71EF56BE975768AE3A45DBD5DC75D2440653FAD ft=1 fh=f35c25806688ae7f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\MediathekView - CHIP-Installer.exe"
sh=EDAACB48FD3DE9854341D2EB0DCBB557720711E6 ft=1 fh=e43c63f5e8994548 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe"
sh=FC776D7A9A4465F3D85F75489D43A1455086C2D3 ft=1 fh=984526cc9d361558 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="L:\Alte Rechner\Daten\Backup\Nero-8.2.8.0_deu_trial.exe"
sh=078379F52A32E34A3CBAC7D6CE2AF06084680E86 ft=1 fh=4e25f64989058ae4 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="L:\Alte Rechner\Desktop\media.player.codec.pack.v3.9.9.setup.exe"
sh=0D4D6920C27EAD9765D5853BAB3B0E9E3F6CCC06 ft=1 fh=3b107c098feb653d vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="L:\Alte Rechner\Downloads\iLividSetupV1.exe"
hier das log vom Security Check Code:
ATTFilter Results of screen317's Security Check version 1.006
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 31
Java 7 Update 51
Java(TM) 6 Update 2
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.209
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (39.0)
Mozilla Thunderbird 31.4.0 Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Steganos Online Shield OnlineShieldService.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Admin (Administrator) auf DEEPTHOUGHT (30-07-2015 23:36:13)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Daniel & Admin & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-02-07] (LogMeIn, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-06-24] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}] => C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}\Avira.OE.Setup.Bundle.exe [833736 2015-07-30] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
HKU\S-1-5-18\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [75776 2015-07-08] (Steganos Software GmbH)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2011-11-03]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BCL ALLPDF Printer Monitor.lnk [2015-03-08]
ShortcutTarget: BCL ALLPDF Printer Monitor.lnk -> C:\Program Files\BCL Technologies\ALLPDF 3\eptray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-11-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk [2011-11-03]
ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1088146415-38023645-2323927296-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: haufereader - No CLSID Value
Tcpip\..\Interfaces\{2CAADFF7-B477-4AF5-A003-8DEDB63B5FFE}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{79FEF043-A9D9-446C-B552-6F996BCEE660}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-27] ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\searchplugins\google-images.xml [2015-06-17]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\searchplugins\google-maps.xml [2015-06-17]
FF Extension: Cliqz Beta - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c0fh0669.default\Extensions\cliqz@cliqz.com.xpi [2015-06-17]
FF HKU\S-1-5-21-1088146415-38023645-2323927296-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Kein Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [602624 2010-03-29] (Hauppauge Computer Works) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-07-27] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-02-07] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [345136 2015-07-09] (Steganos Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-02-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-30 23:36 - 2015-07-30 23:36 - 00000000 ____D C:\Users\Admin\Desktop\FRST-OlderVersion
2015-07-30 23:18 - 2015-07-30 23:18 - 00852684 _____ C:\Users\Admin\Downloads\SecurityCheck.exe
2015-07-30 23:18 - 2015-07-30 23:18 - 00852684 _____ C:\Users\Admin\Desktop\SecurityCheck.exe
2015-07-30 15:45 - 2015-07-30 15:45 - 02870984 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe
2015-07-30 15:43 - 2015-07-30 15:45 - 02870984 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2015-07-30 03:04 - 2015-07-30 03:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\{B13305C5-A4FD-4822-843B-216774309396}
2015-07-29 18:22 - 2015-07-30 23:36 - 00019752 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-29 18:22 - 2015-07-29 18:23 - 00043544 _____ C:\Users\Admin\Desktop\Addition.txt
2015-07-29 18:17 - 2015-07-29 18:17 - 00001233 _____ C:\Users\Admin\Desktop\JRT.txt
2015-07-29 17:47 - 2015-07-29 17:55 - 00000022 _____ C:\Windows\S.dirmngr
2015-07-29 17:45 - 2015-07-29 17:54 - 00000000 ____D C:\AdwCleaner
2015-07-29 17:19 - 2015-07-29 17:55 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 17:19 - 2015-07-29 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-29 17:19 - 2015-07-29 17:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-29 17:19 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-29 17:16 - 2015-07-30 23:36 - 02168832 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-07-29 17:08 - 2015-07-29 17:19 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-29 17:08 - 2015-07-29 17:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2015-07-29 17:08 - 2015-07-29 17:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-07-29 17:08 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-29 17:07 - 2015-07-29 16:59 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Admin\Desktop\JRT.exe
2015-07-29 17:07 - 2015-07-29 16:56 - 02248704 _____ C:\Users\Admin\Desktop\AdwCleaner_4.208.exe
2015-07-29 17:07 - 2012-07-12 14:54 - 10652120 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.62.0.1300.exe
2015-07-29 16:57 - 2015-07-29 16:59 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Daniel\Downloads\JRT.exe
2015-07-29 16:55 - 2015-07-29 16:56 - 02248704 _____ C:\Users\Daniel\Downloads\AdwCleaner_4.208.exe
2015-07-29 16:54 - 2015-07-29 17:03 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-29 15:03 - 2015-07-29 15:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\{A9E69C0F-FE9B-4C6C-9E5F-971F8AC9D2F0}
2015-07-29 09:47 - 2015-07-29 09:47 - 00038177 _____ C:\ComboFix.txt
2015-07-29 09:41 - 2015-07-29 17:50 - 00000352 _____ C:\Windows\wininit.ini
2015-07-29 09:27 - 2015-07-29 09:47 - 00000000 ____D C:\Qoobox
2015-07-29 09:27 - 2015-07-29 09:46 - 00000000 ____D C:\Windows\erdnt
2015-07-29 09:27 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-29 09:27 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-29 09:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-29 09:27 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-29 09:26 - 2015-07-29 09:25 - 05633622 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2015-07-29 09:23 - 2015-07-29 09:25 - 05633622 _____ (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2015-07-29 09:22 - 2015-07-29 09:22 - 00000000 ____D C:\Users\Admin\AppData\Local\ext_meduke
2015-07-29 09:18 - 2015-07-29 20:29 - 00000448 _____ C:\Windows\setupact.log
2015-07-29 09:18 - 2015-07-29 09:18 - 00000000 _____ C:\Windows\setuperr.log
2015-07-29 09:17 - 2015-07-29 17:55 - 00264470 _____ C:\Windows\PFRO.log
2015-07-29 02:16 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:16 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:16 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:16 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:16 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 13:19 - 2015-07-28 13:19 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-07-28 13:17 - 2015-07-28 13:19 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe
2015-07-28 12:59 - 2015-07-29 17:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-28 12:55 - 2015-07-28 13:16 - 00000000 ____D C:\Users\Admin\Desktop\mbar
2015-07-28 12:55 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-28 12:54 - 2015-07-28 12:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.09.1.1004.exe
2015-07-28 12:48 - 2015-07-28 12:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.09.1.1004.exe
2015-07-28 12:41 - 2015-07-28 12:41 - 00001268 _____ C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2015-07-28 12:41 - 2015-07-28 12:41 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-28 12:39 - 2015-07-28 12:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2015-07-28 12:35 - 2015-07-29 09:15 - 00000000 ____D C:\Users\Admin\AppData\Local\AviraSpeedup
2015-07-27 10:59 - 2015-07-30 23:36 - 00000000 ____D C:\FRST
2015-07-27 10:59 - 2015-07-27 20:54 - 00060762 _____ C:\Users\Daniel\Downloads\FRST.txt
2015-07-27 10:59 - 2015-07-27 20:54 - 00042061 _____ C:\Users\Daniel\Downloads\Addition.txt
2015-07-27 10:57 - 2015-07-27 10:58 - 02146816 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2015-07-27 09:39 - 2015-07-28 12:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steganos
2015-07-27 09:35 - 2015-07-29 18:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos VPN
2015-07-27 09:35 - 2015-07-28 12:34 - 00000000 ____D C:\Users\Public\Speedup Sessions
2015-07-27 09:35 - 2015-07-27 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-07-27 09:34 - 2015-07-28 13:27 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Steganos
2015-07-27 09:32 - 2015-07-27 09:32 - 00001123 _____ C:\Users\Public\Desktop\Steganos Online Shield.lnk
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
2015-07-27 09:32 - 2015-07-27 09:32 - 00000000 ____D C:\Program Files (x86)\Steganos Online Shield
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-27 03:50 - 2015-07-27 03:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-26 12:38 - 2015-07-26 12:38 - 00000000 ____D C:\Users\Daniel\AppData\Local\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2015-07-26 12:37 - 2015-07-26 12:37 - 00000000 ____D C:\Program Files\Microsoft Research
2015-07-26 12:28 - 2015-07-26 12:33 - 07195928 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x64.exe
2015-07-26 12:28 - 2015-07-26 12:33 - 06505592 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x86.exe
2015-07-26 12:28 - 2015-07-26 12:30 - 01422408 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_arm.exe
2015-07-26 12:22 - 2015-07-26 12:25 - 07963136 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-64-bit-Windows.msi
2015-07-26 12:15 - 2015-07-26 12:18 - 07440896 _____ C:\Users\Daniel\Downloads\ICE-2.0.3-for-32-bit-Windows.msi
2015-07-26 07:03 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-26 07:03 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-26 07:03 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-26 07:03 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-26 07:03 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-26 07:03 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-26 07:03 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-26 07:03 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-26 07:03 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-26 07:03 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-26 07:03 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-26 07:03 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-26 07:03 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-26 07:03 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-26 07:03 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-26 07:03 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-26 07:03 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-26 07:03 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-26 07:03 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-26 07:03 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-26 07:03 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-26 07:03 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-26 07:03 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-26 07:03 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-26 07:03 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-26 07:03 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-26 07:03 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-26 07:03 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-26 07:03 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-26 07:03 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-26 07:03 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-26 07:03 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-26 07:03 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-26 07:03 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-26 07:03 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-26 06:57 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-26 06:57 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-26 06:57 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-26 06:57 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-26 06:57 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-26 06:57 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-26 06:57 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-26 06:57 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-26 06:57 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-26 06:57 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-26 06:29 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-26 06:29 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-26 06:29 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-26 06:29 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-26 06:29 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-26 06:29 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-26 06:29 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-26 06:29 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-26 06:29 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-26 06:29 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-26 06:29 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-26 06:28 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-26 06:28 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-26 06:28 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-26 06:28 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-26 06:28 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-26 06:28 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-26 06:17 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-26 06:17 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-26 06:16 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-26 06:16 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-26 06:16 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-26 06:16 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-26 06:16 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-26 06:16 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-26 06:16 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-26 06:16 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-26 06:16 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-26 06:16 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-26 06:16 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-26 06:16 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-26 06:16 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-26 06:16 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-26 06:16 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-26 06:16 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-26 06:16 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-26 06:16 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-26 06:16 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-26 06:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-26 06:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-26 02:28 - 2015-07-26 02:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-10 19:28 - 2015-07-30 11:24 - 00000000 ___HD C:\$Windows.~BT
2015-07-07 22:40 - 2015-07-26 00:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 10:33 - 2015-07-07 10:33 - 00000000 ____D C:\Users\Daniel\AppData\Local\{4BAEA186-020B-4086-B44A-FF6BF01F00F6}
2015-06-30 12:58 - 2015-06-30 12:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00001063 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-06-30 12:57 - 2015-06-30 12:57 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-06-30 12:51 - 2015-06-30 12:51 - 01198368 _____ C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe
2015-06-30 12:24 - 2015-06-30 12:24 - 00493636 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.rar
2015-06-30 12:22 - 2015-06-30 12:22 - 00522576 _____ C:\Users\Daniel\Desktop\Plakat (klein) – Party.pages
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-30 23:05 - 2015-06-19 10:09 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA.job
2015-07-30 23:00 - 2011-11-02 14:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 22:46 - 2012-10-21 10:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-30 22:15 - 2011-08-10 16:29 - 01180620 _____ C:\Windows\WindowsUpdate.log
2015-07-30 16:52 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-30 16:52 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-30 12:38 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-30 12:37 - 2014-08-05 11:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 11:27 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2015-07-30 02:05 - 2015-06-19 10:09 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core.job
2015-07-30 02:00 - 2011-11-02 14:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 00:34 - 2014-08-28 12:56 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-29 18:56 - 2014-08-28 12:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\LogMeIn Hamachi
2015-07-29 18:53 - 2012-03-01 13:40 - 00000040 ___SH C:\ProgramData\.zreglib
2015-07-29 18:53 - 2011-08-30 16:30 - 00000000 ____D C:\ProgramData\clear.fi
2015-07-29 18:02 - 2011-08-05 18:38 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-07-29 18:02 - 2011-08-05 18:38 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-07-29 18:02 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 17:58 - 2014-09-11 07:59 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-07-29 17:55 - 2014-08-28 13:11 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-07-29 17:55 - 2014-08-28 13:10 - 00000992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-07-29 17:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 17:45 - 2011-10-04 22:32 - 00000000 ____D C:\ProgramData\ICQ
2015-07-29 17:19 - 2012-07-12 14:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-29 16:25 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\Windows Live
2015-07-29 12:01 - 2012-03-26 23:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-07-29 09:47 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-29 09:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 09:35 - 2014-02-06 22:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Common
2015-07-29 09:22 - 2013-11-11 18:21 - 00000000 ___RD C:\Users\Daniel\Dropbox
2015-07-29 09:22 - 2013-11-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
2015-07-29 09:18 - 2009-07-14 06:45 - 00435960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-29 09:16 - 2014-04-30 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 18:45 - 2013-08-19 22:50 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 18:45 - 2013-08-19 22:50 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 12:40 - 2014-03-29 11:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Avira
2015-07-27 11:07 - 2011-08-30 19:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Microsoft Help
2015-07-27 10:50 - 2011-08-30 14:55 - 00117064 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 09:43 - 2014-03-29 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-07-27 09:43 - 2012-10-03 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-07-27 09:43 - 2011-11-03 01:02 - 00000000 ____D C:\Windows\Minidump
2015-07-27 09:36 - 2013-10-14 15:57 - 00117064 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-27 09:35 - 2013-08-19 22:50 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-27 09:08 - 2013-10-14 15:56 - 00000000 ____D C:\Users\Admin
2015-07-27 04:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-27 03:22 - 2014-12-10 04:19 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-27 03:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-27 03:05 - 2011-08-30 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-27 01:52 - 2012-10-21 10:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-27 01:52 - 2012-10-21 10:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-27 01:52 - 2011-09-02 17:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-27 00:40 - 2014-08-28 13:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-07-27 00:37 - 2014-08-28 13:10 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-07-27 00:37 - 2014-08-28 13:10 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-07-26 18:10 - 2011-09-01 22:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-07-26 17:30 - 2013-11-25 14:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-07-26 03:06 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-26 03:00 - 2015-04-11 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-26 02:00 - 2015-06-19 10:09 - 00004200 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000UA
2015-07-26 02:00 - 2015-06-19 10:09 - 00003804 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1088146415-38023645-2323927296-1000Core
2015-07-26 01:55 - 2011-11-02 14:02 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-26 01:55 - 2011-11-02 14:02 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-26 00:33 - 2012-07-13 13:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 11:44 - 2014-09-05 22:34 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-07 17:28 - 2014-04-30 11:00 - 00000000 ____D C:\Users\Daniel\Desktop\TSGHomepage
2015-07-01 09:31 - 2013-08-19 22:50 - 00000000 ____D C:\ProgramData\Avira
2015-07-01 09:31 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 21:32 - 2015-01-21 19:58 - 00000000 ____D C:\Users\Daniel\Desktop\TSG Jugendwart
2015-06-30 13:08 - 2013-08-17 20:39 - 00000000 ____D C:\Users\Daniel\Desktop\Patricia
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-03-01 13:40 - 2015-07-29 18:53 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-08-10 17:09 - 2011-08-10 17:11 - 0014802 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-03-16 14:39 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-02-16 12:59 - 2014-04-24 16:11 - 0013764 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}\Avira.OE.Setup.Bundle.exe
Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-26 02:16
==================== Ende von log ============================
LG Daniel noch eine Ergänzung von heute: Nicht nur, dass ich immer noch keine Mails über Outlook versenden kann, möchte Outlook immer noch 1-2 Mails versenden die nicht da sind  |
|
01.08.2015, 10:40
| #12 |
| /// the machine /// TB-Ausbilder | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst] Java, Adobe und Thunderbird updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\background.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\cookie_store.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\data_store.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\reports.js
C:\Users\Admin\AppData\Local\Temp\nsk4967.tmp\userid.dll
C:\Users\Admin\AppData\Local\Temp\nsv933A.tmp\userid.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF10.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF11.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF12.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF13.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF14.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF15.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF16.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF17.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF18.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF19.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF2.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF20.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF21.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF22.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF23.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF24.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF25.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF26.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF27.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF4.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF5.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF6.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF7.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF8.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF9.dll
C:\Users\Daniel\Downloads\FreeStudio_5.7.4.918.exe
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter31124.exe
C:\Users\Daniel\Downloads\MediathekView - CHIP-Installer.exe
C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe
L:\Alte Rechner\Daten\Backup\Nero-8.2.8.0_deu_trial.exe
L:\Alte Rechner\Desktop\media.player.codec.pack.v3.9.9.setup.exe
L:\Alte Rechner\Downloads\iLividSetupV1.exe
HKLM-x32\...\RunOnce: [{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}] => C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}\Avira.OE.Setup.Bundle.exe [833736 2015-07-30] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Revo Uninstaller - Download - Filepony damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.mozilla.org/de/kb/fi...einfach-loesen Revo Uninstaller - Download - Filepony damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.google.com/chrome/answer/3296214?hl=de Konten aus Outlook löschen, neu anlegen, Passwörter der Email Konten ändern.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.08.2015, 22:41
| #13 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst] Hier der Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Admin (2015-08-02 23:34:26) Run:1
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Daniel & Admin (Verfügbare Profile: Daniel & Admin & LogMeInRemoteUser)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\background.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\cookie_store.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\data_store.js
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\reports.js
C:\Users\Admin\AppData\Local\Temp\nsk4967.tmp\userid.dll
C:\Users\Admin\AppData\Local\Temp\nsv933A.tmp\userid.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF10.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF11.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF12.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF13.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF14.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF15.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF16.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF17.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF18.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF19.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF2.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF20.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF21.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF22.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF23.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF24.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF25.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF26.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF27.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF4.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF5.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF6.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF7.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF8.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF9.dll
C:\Users\Daniel\Downloads\FreeStudio_5.7.4.918.exe
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter31124.exe
C:\Users\Daniel\Downloads\MediathekView - CHIP-Installer.exe
C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe
L:\Alte Rechner\Daten\Backup\Nero-8.2.8.0_deu_trial.exe
L:\Alte Rechner\Desktop\media.player.codec.pack.v3.9.9.setup.exe
L:\Alte Rechner\Downloads\iLividSetupV1.exe
HKLM-x32\...\RunOnce: [{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}] => C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}\Avira.OE.Setup.Bundle.exe [833736 2015-07-30] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Emptytemp:
*****************
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\background.js => erfolgreich verschoben.
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\cookie_store.js => erfolgreich verschoben.
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\data_store.js => erfolgreich verschoben.
C:\Users\Admin\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.20.48_0\js\lib\reports.js => erfolgreich verschoben.
C:\Users\Admin\AppData\Local\Temp\nsk4967.tmp\userid.dll => erfolgreich verschoben.
C:\Users\Admin\AppData\Local\Temp\nsv933A.tmp\userid.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF10.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF11.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF12.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF13.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF14.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF15.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF16.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF17.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF18.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF19.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF2.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF20.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF21.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF22.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF23.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF24.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF25.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF26.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF27.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF4.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF5.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF6.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF7.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF8.dll => erfolgreich verschoben.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\b7xgpkqj.default\extensions\{D62ECFF0-09D4-C1B0-2E9C-A6766A153AB1}\components\DatamngrHlpFF9.dll => erfolgreich verschoben.
C:\Users\Daniel\Downloads\FreeStudio_5.7.4.918.exe => erfolgreich verschoben.
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter.exe => erfolgreich verschoben.
C:\Users\Daniel\Downloads\FreeYouTubeToMP3Converter31124.exe => erfolgreich verschoben.
C:\Users\Daniel\Downloads\MediathekView - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Daniel\Downloads\PDF24 Creator - CHIP-Installer.exe => erfolgreich verschoben.
L:\Alte Rechner\Daten\Backup\Nero-8.2.8.0_deu_trial.exe => erfolgreich verschoben.
L:\Alte Rechner\Desktop\media.player.codec.pack.v3.9.9.setup.exe => erfolgreich verschoben.
L:\Alte Rechner\Downloads\iLividSetupV1.exe => erfolgreich verschoben.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e} => Wert nicht gefunden.
C:\ProgramData\Package Cache\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e} => erfolgreich verschoben.
esgiguard => Dienst erfolgreich entfernt
EmptyTemp: => 3.1 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 23:34:56 ====
LG Daniel Geändert von Blackfish (02.08.2015 um 23:21 Uhr) |
|
03.08.2015, 13:00
| #14 |
| /// the machine /// TB-Ausbilder | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst] Java und Adobe Reader deinstallieren, wenn benötigt die aktuelle Version laden und installieren. bestehen noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.08.2015, 06:51
| #15 |
| | Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren [gelöst] Hi also bis jetzt konnte ich keine Probleme feststellen. Vielen Dank für deine Hilfe. MIST MIST MIST MIST MIST! Moin Schrauber, leider habe ich doch ncoh Probleme. Mein Rechner hat mir jetzt zweimal nen Bluescreen geschmissen. Liebe Grüße Daniel |
|
| Themen zu Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren |
| auf einmal, avira, gen, hallo zusammen, heute, hilfe, keinerlei, mails, mails versenden, outlook, outlook 2007, plötzlich, problem, scan, scanner, selbstständig, selbständiger versand, versand, versenden, virenscan, virenscanner, warnungen, woran, zusammen |
Outlook 2007 möchte mehrere Mails versenden obwohl keine Mails im Ausgangsordner existieren
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
