| |
| |||||||
Log-Analyse und Auswertung: Email- Konto gehackt?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.08.2015, 16:43
| #1 |
 |  Email- Konto gehackt? Hallo Trojanerteam, gestern bekam ich einen Anruf von einem Freund, der mich fragte, was ich ihm denn für eine Mail geschickt habe, mit einem Link (nach Polen), den er leichtsinnigerweise angeklickt hat. Da verschickt also 'Jemand' bzw. ein 'Programm' - mit meiner Mailadresse als Absender - Mails an Personen aus meinen Kontakten, aber auch an andere Personen. Die Namen werden offenbar auch mit anderen Netzen bzw. Providern kombiniert (...Name@vpstux3.its-gbr.de. oder ...Name@host ns1.dinamocms.com). Was falsch ist, kommt dann vom Mailer-Daemon zurück an mich. Ob das Folgende was mit dem oben Geschilderten zu tun hat, weiß ich nicht: vor ein paar Tagen hatte ich einen Bluescreen (' ... um den Computer vor Schaden zu bewahren ...'). Seit ca. 1 Jahr verweigert die Maus , egal ob USB oder BT in unregelmäßigen Abständen den Dienst. Da hilft nur USB-Stecker ziehen bzw. Aus- Einschalten der BT-Maus. Schon jetzt vielen Dank für Eure Mühen! günni42 Avira meldet keine Funde - gmer muß ich noch nachliefern, ist zu groß ( 8178 ohne 13795 mit Leerzeichen) - (Zit. 'Vermeide es auf Dein Thema selbst zu antworten') Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 15.08.2015 Suchlaufzeit: 15:37 Protokolldatei: MWB-Scan_150815.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.15.03 Rootkit-Datenbank: v2015.08.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Admi_günter Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 524792 Abgelaufene Zeit: 16 Min., 42 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5350-006A-76A7-A758B70C1200}, In Quarantäne, [a8771bee09826ec8aed49e7d2fd426da], Registrierungswerte: 1 PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5350-006A-76A7-A758B70C1200}|InstallSource, C:\ProgramData\APN\APN-Stub\FF3-SP\, In Quarantäne, [a8771bee09826ec8aed49e7d2fd426da] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01 durchgeführt von Admi_günter (Administrator) auf RECHNER_*** (15-08-2015 18:46:39) Gestartet von C:\Users\Günter\Downloads Geladene Profile: Günter & Admi_günter & (Verfügbare Profile: Günter & Admi_günter & Christine) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe () C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe (Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor) HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.) HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.) HKLM\...\RunOnce: [PC-Doctor for Windows REBOOT] => [X] HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [] => [X] HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\RunOnce: [Adobe Speed Launcher] => 1427060868 HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => [X] HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1427060868 HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.) HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG) Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk [2012-02-11] ShortcutTarget: Versandhelfer.lnk -> C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei BootExecute: autocheck autochk * sdnclean64.exe GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/ HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/ HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/? HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/? HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=FF3-SP&o=APN11414&pf=V7&trgb=IE&p2=%5EBBM%5Eaaa155%5EYY%5EDE&gct=hp&apn_ptnrs=%5EBBM&apn_dtid=%5Eaaa155%5EYY%5EDE&apn_dbr=iexplore.exe_6_11.0.9600.17280&apn_uid=E06E78F2-71B2-4AD9-8284-F83C3CD00A9F&itbv=12.17.1.2464&doi=2014-10-10&psv=&pt=tb HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=FF3-SP&o=APN11414&pf=V7&trgb=IE&p2=%5EBBM%5Eaaa155%5EYY%5EDE&gct=hp&apn_ptnrs=%5EBBM&apn_dtid=%5Eaaa155%5EYY%5EDE&apn_dbr=iexplore.exe_6_11.0.9600.17280&apn_uid=E06E78F2-71B2-4AD9-8284-F83C3CD00A9F&itbv=12.17.1.2464&doi=2014-10-10&psv=&pt=tb HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG) S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT) S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert] S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] () S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt 2015-08-15 18:37 - 2015-08-15 18:46 - 00032491 _____ C:\Users\Günter\Downloads\FRST.txt 2015-08-15 18:36 - 2015-08-15 18:46 - 00000000 ____D C:\FRST 2015-08-15 18:30 - 2015-08-15 18:30 - 02173952 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe 2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log 2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable 2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe 2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV 2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url 2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 08:28 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-12 08:28 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 08:28 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 08:28 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data 2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso 2015-07-25 23:36 - 2015-07-25 23:43 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask 2015-07-25 23:36 - 2015-07-25 23:36 - 00004048 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows 2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center 2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell 2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer 2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat 2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk 2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo 2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-15 18:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter 2015-08-15 18:10 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-15 18:10 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-15 18:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-15 18:04 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs 2015-08-15 17:46 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-08-15 17:28 - 2011-06-07 16:17 - 01731428 _____ C:\Windows\WindowsUpdate.log 2015-08-15 17:25 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien 2015-08-15 17:07 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien 2015-08-15 15:37 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-15 15:36 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-15 15:36 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-15 15:36 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-14 22:59 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-14 16:26 - 2015-04-11 07:14 - 00008289 _____ C:\Windows\setupact.log 2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url 2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url 2015-08-12 23:24 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat 2015-08-12 23:24 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat 2015-08-12 23:24 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-12 23:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-12 22:24 - 2015-04-26 16:55 - 00023808 _____ C:\Windows\PFRO.log 2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini 2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet 2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom 2015-08-01 00:16 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4 2015-07-31 22:44 - 2011-06-14 21:28 - 00000064 _____ C:\Windows\control.ini 2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk 2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7 2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7 2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio 2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther 2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log 2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr 2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr 2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-16 07:19 - 2015-01-02 17:17 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieBrowserModeList 2015-07-16 07:19 - 2014-05-23 22:29 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieUserList 2015-07-16 07:19 - 2014-05-23 22:29 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieSiteList 2015-07-16 07:15 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Bild- Scans; OCR 2015-07-16 06:43 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job 2015-07-16 06:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml 2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache 2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache 2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache 2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg 2013-05-02 22:40 - 2013-05-02 22:40 - 0000056 _____ () C:\ProgramData\3mj1ol.bat 2013-05-02 22:40 - 2013-05-02 22:49 - 95023320 ____T () C:\ProgramData\3mj1ol.pad 2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg 2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt 2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\3mj1ol.bat C:\ProgramData\3mj1ol.pad C:\ProgramData\3mj1ol.reg Einige Dateien in TEMP: ==================== C:\Users\Christine\AppData\Local\Temp\avgnt.exe C:\Users\Günter\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-14 14:09 ==================== Ende von Ergebnis ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von Günter (2015-08-15 18:38:42)
Gestartet von C:\Users\Günter\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1916591956-2551971433-4189181994-500 - Administrator - Disabled)
Admi_günter (S-1-5-21-1916591956-2551971433-4189181994-1003 - Administrator - Enabled) => C:\Users\Admi_günter
Christine (S-1-5-21-1916591956-2551971433-4189181994-1004 - Limited - Enabled) => C:\Users\Christine
Gast (S-1-5-21-1916591956-2551971433-4189181994-501 - Limited - Disabled)
Günter (S-1-5-21-1916591956-2551971433-4189181994-1000 - Limited - Enabled) => C:\Users\Günter
HomeGroupUser$ (S-1-5-21-1916591956-2551971433-4189181994-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 Templates (HKLM-x32\...\PremElem80Templates) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon Cloud Player (HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.51125 - ATI Technologies Inc.) Hidden
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataSync Outlook (HKLM-x32\...\InstallShield_{1C9171AC-5519-4DF4-B44D-B28F678DEB4C}) (Version: 7.00.2906 - O3SIS IT AG)
DataSync Outlook (x32 Version: 7.00.2906 - O3SIS IT AG) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{17407164-F2AD-4E04-886B-8060D503F21C}) (Version: 1.4.162.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.30 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.1.1408 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.1.1408 - CyberLink Corp.) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.34.00 - SEIKO EPSON CORPORATION)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.881 - Kaspersky Lab) Hidden
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
MagicMaps Baden-Württemberg 3.0 (HKLM-x32\...\{F9A536B2-61B8-418C-AA23-258E2CCF4FB1}) (Version: 3.0 - MagicMaps)
MagicMaps Bayern 3.0 (HKLM-x32\...\{9CAD9741-F868-4D22-8D98-5AE8F65A4A9D}) (Version: 3.0 - MagicMaps)
MagicMaps Berlin Brandenburg Sachsen-Anhalt 3.0 (HKLM-x32\...\{86E3BE15-66B5-4775-862F-9C8A6C67C7C5}) (Version: 3.0 - MagicMaps)
MagicMaps Hessen Rheinland-Pfalz Saarland 3.0 (HKLM-x32\...\{8E7C9790-9804-44E9-8B50-34D5F448570B}) (Version: 3.0 - MagicMaps)
MagicMaps Niedersachsen Bremen 3.0 (HKLM-x32\...\{37C70729-A5AE-4894-AAB7-ADB8A2A8DD0E}) (Version: 3.0 - MagicMaps)
MagicMaps Nordrhein-Westfalen 3.0 (HKLM-x32\...\{C1918F8D-03AC-49D1-BA57-22A1AC3F672A}) (Version: 3.0 - MagicMaps)
MagicMaps Sachsen Thüringen 3.0 (HKLM-x32\...\{30D14A06-9B5B-4CA0-84E7-DBD16D5678F5}) (Version: 3.0 - MagicMaps)
MagicMaps Schleswig-Holstein Hamburg Mecklenburg-Vorpommern 3.0 (HKLM-x32\...\{8191A649-0833-44B4-BCC0-422227A67FA7}) (Version: 3.0 - MagicMaps)
MagicMaps Support und Update Tool (HKLM-x32\...\{0CA1C412-6716-40E8-B033-006002E7F7EC}) (Version: 1.1.3 - MagicMaps)
MagicMaps Tour Explorer Deutschland (HKLM-x32\...\{655B0665-7688-4269-B5B0-EC2D8F62D8B7}) (Version: 3.0.6 - MagicMaps)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Nikon Scan (HKLM-x32\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.4.40.0 - Nokia)
Nokia Suite (x32 Version: 3.4.40.0 - Nokia) Hidden
OpenFietsMap (BNLv10-05-2013) (HKLM-x32\...\OpenFietsMap (BNL)) (Version: - )
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
PathAway GPS 5 for Windows Mobile (HKLM-x32\...\PathAway GPS 5 for Windows Mobile) (Version: - )
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickSteuer 2014 (HKLM-x32\...\{52DD1288-FA17-4062-8280-532C89A7E2F2}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
QuoVadis 7 (HKLM-x32\...\QuoVadis 7_is1) (Version: 7 - Flemming Software Development CC)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Real Time Analyzer (HKLM-x32\...\Real Time Analyzer_is1) (Version: 1.3 - Timo Esser)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.13 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
System Checkup 3.4 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.4.0.47 - iolo technologies, LLC)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Touratech QV 4 (HKLM-x32\...\Touratech QV 4_is1) (Version: 4 - Thomas Flemming, Touratech AG)
TTQV Navteq-Maps 2005Q4 (HKLM-x32\...\TTQV Navteq-Maps_is1) (Version: - Touratech AG, Niedereschach)
TTQV-Map Europa Serie 200 (HKLM-x32\...\TTQV-Map Europa Serie 200_is1) (Version: 4 - Thomas Flemming, Touratech AG)
Ulead PhotoImpact 8 (HKLM-x32\...\InstallShield_{F101C58C-15CC-42B3-83D1-536CFB960634}) (Version: 8.0 - Ulead System)
Ulead PhotoImpact 8 (x32 Version: 8.0 - Ulead System) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\Defraggler Volume C Task.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2010-07-21 13:46 - 2010-07-21 13:46 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-05-27 17:31 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Günter\Downloads\geburtstagsgruß an udo.eml:OECustomProperty
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E41899B2-C951-4F9C-8F50-C55ACEA0C8C2}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{43B65E2F-9BD9-4472-B16D-86A9E3BFD43D}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{0FC66207-DD09-44FE-9B16-3887FA4698F6}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{3D66FE33-7768-47EA-9D8E-EF65818EF7C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{6326CA8F-A859-4E19-B938-2F192EBA5407}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{8289E964-C8CA-4E43-B01C-F131CB392846}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FBDB4155-46DB-4DD7-ADCC-B7DE97CBBCBE}] => (Allow) LPort=2869
FirewallRules: [{E0E9307E-966C-4D6F-B865-81A2212B3907}] => (Allow) LPort=1900
FirewallRules: [{944FA721-B09E-4DFC-9F16-4D37359C7F32}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7722C1AB-A88E-4C2F-8A6F-F87637BC87C9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{27D121AA-BD51-41A4-943A-6E3AAD0532C4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{85FFE42F-593E-4472-B6BF-B0A1AA7DB0DC}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{264402D7-7A7F-41F4-B146-5480C0EA5F37}] => (Allow) LPort=26675
FirewallRules: [{B2738629-CBA9-41C5-B75A-AA2AAA8659DF}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{DEDEE668-4BA1-4D33-A3B3-3B7F9B376013}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [TCP Query User{1C539E96-F30F-4C5D-98F1-12A41A9274A7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{B8F03193-3143-4379-AE44-639BDA39B37D}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [{82BDAAF5-D4FA-4A3D-BDBA-CFD2170F7467}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{11986B09-3F96-40F9-BED3-CD08A6A5DA94}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{594427F1-EDA9-4261-89A5-86D20DB19A89}] => (Allow) LPort=26675
FirewallRules: [{9379F618-D5CC-46AF-B1DD-BDE13D736DD8}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{D95CA1D7-E74C-4233-9F1E-434EE7F5210C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D956C328-C1BE-4F1E-BD62-A9E4388E9EBD}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{2EC1FF0F-3293-46E2-AED9-39221AE480F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3892184A-DC33-4C12-8CF4-0B04FD696E54}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/13/2015 01:47:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17937 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2278
Startzeit: 01d0d5bdc5bc226a
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (08/13/2015 07:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17937 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e74
Startzeit: 01d0d58c16a38c0c
Endzeit: 12
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (08/12/2015 11:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/12/2015 10:26:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/08/2015 11:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17923, Zeitstempel: 0x55945dbd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004ada4
ID des fehlerhaften Prozesses: 0x16c8
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Error: (08/01/2015 07:41:30 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "J:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (08/01/2015 12:22:11 AM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).
Error: (07/31/2015 11:03:45 PM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).
Error: (07/30/2015 11:51:42 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d29a9d45-910f-11e0-938c-806e6f6e6963} - 0000000000000074,0x0053c008,000000000039EFD0,0,000000000039FFE0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (07/29/2015 01:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (08/15/2015 01:56:10 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (08/15/2015 01:17:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (08/14/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst RasMan erreicht.
Error: (08/14/2015 04:23:45 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (08/14/2015 07:31:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (08/13/2015 10:36:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (08/13/2015 10:36:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (08/13/2015 10:30:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (08/13/2015 10:30:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (08/13/2015 10:21:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Microsoft Office:
=========================
Error: (08/13/2015 01:47:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17937227801d0d5bdc5bc226a10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (08/13/2015 07:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17937e7401d0d58c16a38c0c12C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (08/12/2015 11:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/12/2015 10:26:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/08/2015 11:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792355945dbdntdll.dll6.1.7601.18869556366f2c0000005000000000004ada416c801d0d1bcceb46f11C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll0e0aa126-3db0-11e5-8fb3-782bcb983f04
Error: (08/01/2015 07:41:30 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: J:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (08/01/2015 12:22:11 AM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)
Error: (07/31/2015 11:03:45 PM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)
Error: (07/30/2015 11:51:42 AM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{d29a9d45-910f-11e0-938c-806e6f6e6963} - 0000000000000074,0x0053c008,000000000039EFD0,0,000000000039FFE0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (07/29/2015 01:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity:
===================================
Date: 2015-07-28 08:12:37.676
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.671
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.665
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.658
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.591
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.585
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.580
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.573
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.507
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-07-28 08:12:37.500
Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8174.41 MB
Verfügbarer physikalischer RAM: 5745.73 MB
Summe virtueller Speicher: 16347.02 MB
Verfügbarer virtueller Speicher: 11006.92 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:1845.61 GB) (Free:1580.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Ergebnis ============================
|
|
16.08.2015, 17:09
| #2 |
| /// the machine /// TB-Ausbilder    | Email- Konto gehackt? hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
16.08.2015, 22:55
| #3 |
| | Email- Konto gehackt? Hallo Schrauber,
__________________Nachtrag: GMER Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-15 22:46:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 Intel___ rev.1.0. 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\ADMI_G~1\AppData\Local\Temp\pwdoaaow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075a91401 2 bytes JMP 76f7b20b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075a91419 2 bytes JMP 76f7b336 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075a91431 2 bytes JMP 76ff8f39 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075a9144a 2 bytes CALL 76f54885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075a914dd 2 bytes JMP 76ff8832 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075a914f5 2 bytes JMP 76ff8a08 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075a9150d 2 bytes JMP 76ff8728 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075a91525 2 bytes JMP 76ff8af2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075a9153d 2 bytes JMP 76f6fc98 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075a91555 2 bytes JMP 76f768df C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075a9156d 2 bytes JMP 76ff8ff1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075a91585 2 bytes JMP 76ff8b52 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075a9159d 2 bytes JMP 76ff86ec C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075a915b5 2 bytes JMP 76f6fd31 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075a915cd 2 bytes JMP 76f7b2cc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075a916b2 2 bytes JMP 76ff8eb4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075a916bd 2 bytes JMP 76ff8681 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075a91401 2 bytes JMP 76f7b20b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075a91419 2 bytes JMP 76f7b336 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075a91431 2 bytes JMP 76ff8f39 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075a9144a 2 bytes CALL 76f54885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075a914dd 2 bytes JMP 76ff8832 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075a914f5 2 bytes JMP 76ff8a08 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075a9150d 2 bytes JMP 76ff8728 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075a91525 2 bytes JMP 76ff8af2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075a9153d 2 bytes JMP 76f6fc98 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075a91555 2 bytes JMP 76f768df C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075a9156d 2 bytes JMP 76ff8ff1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075a91585 2 bytes JMP 76ff8b52 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075a9159d 2 bytes JMP 76ff86ec C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075a915b5 2 bytes JMP 76f6fd31 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075a915cd 2 bytes JMP 76f7b2cc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075a916b2 2 bytes JMP 76ff8eb4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075a916bd 2 bytes JMP 76ff8681 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\svchost.exe [5760:2984] 000007feff33a808
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@002376a7b2e6 0xBE 0x5C 0x61 0x75 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001122334455 0xF2 0xF4 0xD7 0xCA ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@000113141a69 0xF4 0x9A 0x42 0xA4 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001dd9eb27a9 0x84 0xD3 0x71 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@1dfe819f6260 0x19 0xFC 0xA2 0x9B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@0007619c84b2 0x46 0x8F 0xD8 0x4E ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@002376a7b2e6 0xBE 0x5C 0x61 0x75 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001122334455 0xF2 0xF4 0xD7 0xCA ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@000113141a69 0xF4 0x9A 0x42 0xA4 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001dd9eb27a9 0x84 0xD3 0x71 0x2D ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@1dfe819f6260 0x19 0xFC 0xA2 0x9B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@0007619c84b2 0x46 0x8F 0xD8 0x4E ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Admi_günter\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe 1
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.08.16.03
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17959
Admi_günter :: RECHNER_*** [administrator]
16.08.2015 20:21:13
mbar-log-2015-08-16 (20-21-13).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 526443
Time elapsed: 18 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Der Log von TDSSKiller in den noch folgenden Teilbeiträgen (wegen zu großem Umfang) Gruß! - günni42 Nachtrag: Report TDSSKiller Code:
ATTFilter 22:05:11.0611 0x365c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
22:05:16.0221 0x365c ============================================================
22:05:16.0221 0x365c Current date / time: 2015/08/16 22:05:16.0221
22:05:16.0221 0x365c SystemInfo:
22:05:16.0221 0x365c
22:05:16.0221 0x365c OS Version: 6.1.7601 ServicePack: 1.0
22:05:16.0221 0x365c Product type: Workstation
22:05:16.0221 0x365c ComputerName: RECHNER_RUG
22:05:16.0221 0x365c UserName: Admi_günter
22:05:16.0221 0x365c Windows directory: C:\Windows
22:05:16.0221 0x365c System windows directory: C:\Windows
22:05:16.0221 0x365c Running under WOW64
22:05:16.0221 0x365c Processor architecture: Intel x64
22:05:16.0221 0x365c Number of processors: 8
22:05:16.0221 0x365c Page size: 0x1000
22:05:16.0221 0x365c Boot type: Normal boot
22:05:16.0221 0x365c ============================================================
22:05:16.0701 0x365c KLMD registered as C:\Windows\system32\drivers\27365469.sys
22:05:16.0986 0x365c System UUID: {3DBE4E46-81AA-A90D-DDCD-1A5BE8A86BEB}
22:05:17.0237 0x365c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1600000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:05:17.0249 0x365c ============================================================
22:05:17.0249 0x365c \Device\Harddisk0\DR0:
22:05:17.0249 0x365c MBR partitions:
22:05:17.0249 0x365c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x52800, BlocksNum 0x227F000
22:05:17.0249 0x365c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x22D1800, BlocksNum 0xE6B39000
22:05:17.0249 0x365c ============================================================
22:05:17.0320 0x365c C: <-> \Device\Harddisk0\DR0\Partition2
22:05:17.0321 0x365c ============================================================
22:05:17.0321 0x365c Initialize success
22:05:17.0321 0x365c ============================================================
22:05:24.0941 0x26e0 ============================================================
22:05:24.0941 0x26e0 Scan started
22:05:24.0941 0x26e0 Mode: Manual;
22:05:24.0941 0x26e0 ============================================================
22:05:24.0941 0x26e0 KSN ping started
22:05:27.0276 0x26e0 KSN ping finished: true
22:05:28.0398 0x26e0 ================ Scan system memory ========================
22:05:28.0398 0x26e0 System memory - ok
22:05:28.0399 0x26e0 ================ Scan services =============================
22:05:28.0557 0x26e0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:05:28.0561 0x26e0 1394ohci - ok
22:05:28.0593 0x26e0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:05:28.0598 0x26e0 ACPI - ok
22:05:28.0621 0x26e0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:05:28.0629 0x26e0 AcpiPmi - ok
22:05:28.0740 0x26e0 [ 765FE0463E711E5A68AC7B69538ED922, A1D31DECBE8F703DB2FAF4B1A10D3B70FBBA0AD776CDC1B813387BFEDAE9D0A0 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
22:05:28.0742 0x26e0 AdobeActiveFileMonitor8.0 - ok
22:05:28.0823 0x26e0 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:05:28.0825 0x26e0 AdobeARMservice - ok
22:05:28.0913 0x26e0 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:05:28.0916 0x26e0 AdobeFlashPlayerUpdateSvc - ok
22:05:28.0943 0x26e0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:05:28.0956 0x26e0 adp94xx - ok
22:05:28.0972 0x26e0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:05:28.0978 0x26e0 adpahci - ok
22:05:29.0003 0x26e0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:05:29.0006 0x26e0 adpu320 - ok
22:05:29.0045 0x26e0 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:05:29.0047 0x26e0 AeLookupSvc - ok
22:05:29.0094 0x26e0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
22:05:29.0105 0x26e0 AFD - ok
22:05:29.0122 0x26e0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
22:05:29.0123 0x26e0 agp440 - ok
22:05:29.0151 0x26e0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
22:05:29.0154 0x26e0 ALG - ok
22:05:29.0182 0x26e0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
22:05:29.0183 0x26e0 aliide - ok
22:05:29.0222 0x26e0 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:05:29.0235 0x26e0 AMD External Events Utility - ok
22:05:29.0253 0x26e0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
22:05:29.0254 0x26e0 amdide - ok
22:05:29.0266 0x26e0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:05:29.0268 0x26e0 AmdK8 - ok
22:05:29.0489 0x26e0 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:05:29.0759 0x26e0 amdkmdag - ok
22:05:29.0795 0x26e0 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:05:29.0807 0x26e0 amdkmdap - ok
22:05:29.0814 0x26e0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:05:29.0816 0x26e0 AmdPPM - ok
22:05:29.0840 0x26e0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:05:29.0848 0x26e0 amdsata - ok
22:05:29.0868 0x26e0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:05:29.0873 0x26e0 amdsbs - ok
22:05:29.0888 0x26e0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:05:29.0889 0x26e0 amdxata - ok
22:05:30.0029 0x26e0 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:05:30.0048 0x26e0 AntiVirMailService - ok
22:05:30.0110 0x26e0 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:05:30.0116 0x26e0 AntiVirSchedulerService - ok
22:05:30.0179 0x26e0 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:05:30.0185 0x26e0 AntiVirService - ok
22:05:30.0290 0x26e0 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:05:30.0316 0x26e0 AntiVirWebService - ok
22:05:30.0356 0x26e0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
22:05:30.0358 0x26e0 AppID - ok
22:05:30.0398 0x26e0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:05:30.0406 0x26e0 AppIDSvc - ok
22:05:30.0454 0x26e0 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
22:05:30.0456 0x26e0 Appinfo - ok
22:05:30.0492 0x26e0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
22:05:30.0495 0x26e0 arc - ok
22:05:30.0517 0x26e0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:05:30.0520 0x26e0 arcsas - ok
22:05:30.0617 0x26e0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:05:30.0619 0x26e0 aspnet_state - ok
22:05:30.0647 0x26e0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:30.0648 0x26e0 AsyncMac - ok
22:05:30.0665 0x26e0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
22:05:30.0665 0x26e0 atapi - ok
22:05:30.0684 0x26e0 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:05:30.0687 0x26e0 AtiHDAudioService - ok
22:05:30.0720 0x26e0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:05:30.0733 0x26e0 AudioEndpointBuilder - ok
22:05:30.0745 0x26e0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:05:30.0754 0x26e0 AudioSrv - ok
22:05:30.0820 0x26e0 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:05:30.0827 0x26e0 avgntflt - ok
22:05:30.0872 0x26e0 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:05:30.0880 0x26e0 avipbb - ok
22:05:30.0941 0x26e0 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:05:30.0944 0x26e0 Avira.ServiceHost - ok
22:05:30.0974 0x26e0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:05:30.0975 0x26e0 avkmgr - ok
22:05:31.0003 0x26e0 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
22:05:31.0005 0x26e0 avnetflt - ok
22:05:31.0035 0x26e0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:05:31.0038 0x26e0 AxInstSV - ok
22:05:31.0069 0x26e0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:05:31.0077 0x26e0 b06bdrv - ok
22:05:31.0090 0x26e0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:05:31.0095 0x26e0 b57nd60a - ok
22:05:31.0113 0x26e0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
22:05:31.0116 0x26e0 BDESVC - ok
22:05:31.0141 0x26e0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
22:05:31.0141 0x26e0 Beep - ok
22:05:31.0191 0x26e0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
22:05:31.0204 0x26e0 BFE - ok
22:05:31.0261 0x26e0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
22:05:31.0281 0x26e0 BITS - ok
22:05:31.0301 0x26e0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:31.0303 0x26e0 blbdrive - ok
22:05:31.0321 0x26e0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:05:31.0323 0x26e0 bowser - ok
22:05:31.0338 0x26e0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:05:31.0342 0x26e0 BrFiltLo - ok
22:05:31.0358 0x26e0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:05:31.0366 0x26e0 BrFiltUp - ok
22:05:31.0394 0x26e0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
22:05:31.0397 0x26e0 Browser - ok
22:05:31.0414 0x26e0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:05:31.0419 0x26e0 Brserid - ok
22:05:31.0433 0x26e0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:31.0434 0x26e0 BrSerWdm - ok
22:05:31.0450 0x26e0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:31.0458 0x26e0 BrUsbMdm - ok
22:05:31.0467 0x26e0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:31.0468 0x26e0 BrUsbSer - ok
22:05:31.0504 0x26e0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:05:31.0505 0x26e0 BthEnum - ok
22:05:31.0517 0x26e0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:31.0519 0x26e0 BTHMODEM - ok
22:05:31.0548 0x26e0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:05:31.0551 0x26e0 BthPan - ok
22:05:31.0595 0x26e0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:05:31.0604 0x26e0 BTHPORT - ok
22:05:31.0620 0x26e0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
22:05:31.0622 0x26e0 bthserv - ok
22:05:31.0662 0x26e0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:05:31.0664 0x26e0 BTHUSB - ok
22:05:31.0705 0x26e0 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
22:05:31.0711 0x26e0 btwampfl - ok
22:05:31.0733 0x26e0 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:05:31.0742 0x26e0 btwaudio - ok
22:05:31.0774 0x26e0 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:05:31.0780 0x26e0 btwavdt - ok
22:05:31.0873 0x26e0 [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:05:31.0886 0x26e0 btwdins - ok
22:05:31.0894 0x26e0 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:05:31.0895 0x26e0 btwl2cap - ok
22:05:31.0902 0x26e0 [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:05:31.0903 0x26e0 btwrchid - ok
22:05:31.0915 0x26e0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:05:31.0922 0x26e0 cdfs - ok
22:05:31.0933 0x26e0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:05:31.0935 0x26e0 cdrom - ok
22:05:31.0951 0x26e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
22:05:31.0953 0x26e0 CertPropSvc - ok
22:05:31.0969 0x26e0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:05:31.0970 0x26e0 circlass - ok
22:05:31.0993 0x26e0 [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb C:\Windows\system32\DRIVERS\cjusb.sys
22:05:31.0994 0x26e0 cjusb - ok
22:05:32.0041 0x26e0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
22:05:32.0048 0x26e0 CLFS - ok
22:05:32.0104 0x26e0 [ 730BF325E4CC1E3935B81943AC6DA216, FF6D7C087976D6B431F8799AEF6DFA12F31F6B38D5D70F9A8F03AB01CC58BD58 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
22:05:32.0109 0x26e0 CLKMSVC10_9EC60124 - ok
22:05:32.0181 0x26e0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:32.0190 0x26e0 clr_optimization_v2.0.50727_32 - ok
22:05:32.0262 0x26e0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:05:32.0265 0x26e0 clr_optimization_v2.0.50727_64 - ok
22:05:32.0361 0x26e0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:05:32.0364 0x26e0 clr_optimization_v4.0.30319_32 - ok
22:05:32.0379 0x26e0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:05:32.0390 0x26e0 clr_optimization_v4.0.30319_64 - ok
22:05:32.0410 0x26e0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
22:05:32.0411 0x26e0 CmBatt - ok
22:05:32.0430 0x26e0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:05:32.0436 0x26e0 cmdide - ok
22:05:32.0509 0x26e0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
22:05:32.0526 0x26e0 CNG - ok
22:05:32.0550 0x26e0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:05:32.0551 0x26e0 Compbatt - ok
22:05:32.0572 0x26e0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:05:32.0573 0x26e0 CompositeBus - ok
22:05:32.0585 0x26e0 COMSysApp - ok
22:05:32.0598 0x26e0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:05:32.0599 0x26e0 crcdisk - ok
22:05:32.0644 0x26e0 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:05:32.0648 0x26e0 CryptSvc - ok
22:05:32.0674 0x26e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:05:32.0683 0x26e0 DcomLaunch - ok
22:05:32.0707 0x26e0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
22:05:32.0713 0x26e0 defragsvc - ok
22:05:32.0729 0x26e0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:05:32.0738 0x26e0 DfsC - ok
22:05:32.0774 0x26e0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:05:32.0779 0x26e0 Dhcp - ok
22:05:32.0881 0x26e0 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
22:05:32.0906 0x26e0 DiagTrack - ok
22:05:32.0921 0x26e0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
22:05:32.0922 0x26e0 discache - ok
22:05:32.0933 0x26e0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
22:05:32.0935 0x26e0 Disk - ok
22:05:32.0983 0x26e0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:05:32.0987 0x26e0 Dnscache - ok
22:05:33.0016 0x26e0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
22:05:33.0029 0x26e0 dot3svc - ok
22:05:33.0043 0x26e0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
22:05:33.0047 0x26e0 DPS - ok
22:05:33.0074 0x26e0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:05:33.0075 0x26e0 drmkaud - ok
22:05:33.0134 0x26e0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:05:33.0153 0x26e0 DXGKrnl - ok
22:05:33.0158 0x26e0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
22:05:33.0160 0x26e0 EapHost - ok
22:05:33.0241 0x26e0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:05:33.0312 0x26e0 ebdrv - ok
22:05:33.0346 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS C:\Windows\System32\lsass.exe
22:05:33.0348 0x26e0 EFS - ok
22:05:33.0446 0x26e0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:05:33.0459 0x26e0 ehRecvr - ok
22:05:33.0493 0x26e0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
22:05:33.0496 0x26e0 ehSched - ok
22:05:33.0528 0x26e0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:05:33.0541 0x26e0 elxstor - ok
22:05:33.0559 0x26e0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:05:33.0564 0x26e0 ErrDev - ok
22:05:33.0600 0x26e0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
22:05:33.0607 0x26e0 EventSystem - ok
22:05:33.0638 0x26e0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
22:05:33.0641 0x26e0 exfat - ok
22:05:33.0661 0x26e0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:05:33.0669 0x26e0 fastfat - ok
22:05:33.0699 0x26e0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
22:05:33.0713 0x26e0 Fax - ok
22:05:33.0727 0x26e0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
22:05:33.0728 0x26e0 fdc - ok
22:05:33.0749 0x26e0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
22:05:33.0750 0x26e0 fdPHost - ok
22:05:33.0761 0x26e0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
22:05:33.0762 0x26e0 FDResPub - ok
22:05:33.0775 0x26e0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:05:33.0777 0x26e0 FileInfo - ok
22:05:33.0788 0x26e0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:05:33.0790 0x26e0 Filetrace - ok
22:05:33.0834 0x26e0 [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:05:33.0857 0x26e0 FLEXnet Licensing Service - ok
22:05:33.0861 0x26e0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:05:33.0862 0x26e0 flpydisk - ok
22:05:33.0881 0x26e0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:05:33.0885 0x26e0 FltMgr - ok
22:05:33.0966 0x26e0 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
22:05:34.0000 0x26e0 FontCache - ok
22:05:34.0040 0x26e0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:05:34.0042 0x26e0 FontCache3.0.0.0 - ok
22:05:34.0053 0x26e0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:05:34.0054 0x26e0 FsDepends - ok
22:05:34.0080 0x26e0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:05:34.0080 0x26e0 Fs_Rec - ok
22:05:34.0107 0x26e0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:05:34.0112 0x26e0 fvevol - ok
22:05:34.0126 0x26e0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:05:34.0135 0x26e0 gagp30kx - ok
22:05:34.0177 0x26e0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
22:05:34.0192 0x26e0 gpsvc - ok
22:05:34.0249 0x26e0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0251 0x26e0 gupdate - ok
22:05:34.0269 0x26e0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0271 0x26e0 gupdatem - ok
22:05:34.0341 0x26e0 [ 8298C833C1EE0B271F6E6F50439B8814, 4E5C54423405B2DB2DEDE49DBA2C11C75693AC994236DECAFE50F96B852BF471 ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys
22:05:34.0369 0x26e0 HCW85BDA - ok
22:05:34.0391 0x26e0 [ C3097DDF0618315438A660CE34CAB4E6, 5A0BA48C7F02DE31A973DE81F7C46F1D4091CE887D46710B58DCDD17804145A3 ] hcw85cir C:\Windows\system32\drivers\hcw85cir3.sys
22:05:34.0399 0x26e0 hcw85cir - ok
22:05:34.0418 0x26e0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:05:34.0420 0x26e0 HDAudBus - ok
22:05:34.0434 0x26e0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:05:34.0435 0x26e0 HidBatt - ok
22:05:34.0466 0x26e0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:05:34.0468 0x26e0 HidBth - ok
22:05:34.0491 0x26e0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:05:34.0499 0x26e0 HidIr - ok
22:05:34.0514 0x26e0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
22:05:34.0515 0x26e0 hidserv - ok
22:05:34.0539 0x26e0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:05:34.0540 0x26e0 HidUsb - ok
22:05:34.0560 0x26e0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:05:34.0563 0x26e0 hkmsvc - ok
22:05:34.0593 0x26e0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:05:34.0599 0x26e0 HomeGroupListener - ok
22:05:34.0610 0x26e0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:05:34.0614 0x26e0 HomeGroupProvider - ok
22:05:34.0629 0x26e0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:05:34.0631 0x26e0 HpSAMD - ok
22:05:34.0689 0x26e0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:05:34.0700 0x26e0 HTTP - ok
22:05:34.0710 0x26e0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:05:34.0711 0x26e0 hwpolicy - ok
22:05:34.0738 0x26e0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:05:34.0741 0x26e0 i8042prt - ok
22:05:34.0771 0x26e0 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\drivers\iaStor.sys
22:05:34.0777 0x26e0 iaStor - ok
22:05:34.0818 0x26e0 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:05:34.0819 0x26e0 IAStorDataMgrSvc - ok
22:05:34.0841 0x26e0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:05:34.0850 0x26e0 iaStorV - ok
22:05:34.0931 0x26e0 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:05:34.0947 0x26e0 IDriverT - ok
22:05:35.0003 0x26e0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:05:35.0024 0x26e0 idsvc - ok
22:05:35.0040 0x26e0 IEEtwCollectorService - ok
22:05:35.0057 0x26e0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:05:35.0059 0x26e0 iirsp - ok
22:05:35.0089 0x26e0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
22:05:35.0102 0x26e0 IKEEXT - ok
22:05:35.0124 0x26e0 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys
22:05:35.0132 0x26e0 Impcd - ok
22:05:35.0213 0x26e0 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:05:35.0265 0x26e0 IntcAzAudAddService - ok
22:05:35.0308 0x26e0 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:05:35.0315 0x26e0 IntcDAud - ok
22:05:35.0344 0x26e0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
22:05:35.0345 0x26e0 intelide - ok
22:05:35.0373 0x26e0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:05:35.0374 0x26e0 intelppm - ok
22:05:35.0393 0x26e0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:05:35.0396 0x26e0 IPBusEnum - ok
22:05:35.0409 0x26e0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:35.0411 0x26e0 IpFilterDriver - ok
22:05:35.0436 0x26e0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:05:35.0445 0x26e0 iphlpsvc - ok
22:05:35.0458 0x26e0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:05:35.0460 0x26e0 IPMIDRV - ok
22:05:35.0478 0x26e0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:05:35.0486 0x26e0 IPNAT - ok
22:05:35.0502 0x26e0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:05:35.0511 0x26e0 IRENUM - ok
22:05:35.0523 0x26e0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:05:35.0523 0x26e0 isapnp - ok
22:05:35.0549 0x26e0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:05:35.0554 0x26e0 iScsiPrt - ok
22:05:35.0585 0x26e0 [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
22:05:35.0593 0x26e0 k57nd60a - ok
22:05:35.0613 0x26e0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:05:35.0621 0x26e0 kbdclass - ok
22:05:35.0634 0x26e0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:05:35.0635 0x26e0 kbdhid - ok
22:05:35.0646 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso C:\Windows\system32\lsass.exe
22:05:35.0647 0x26e0 KeyIso - ok
22:05:35.0687 0x26e0 [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:05:35.0690 0x26e0 KSecDD - ok
22:05:35.0705 0x26e0 [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:05:35.0709 0x26e0 KSecPkg - ok
22:05:35.0839 0x26e0 [ EFB2614E9142FA4427CE82EE6DC0CA7B, DE67CED09EA1A3B10BF0F3B22B2675844122783AE2523CE01E0BDE2691FC684A ] KSS C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
22:05:35.0842 0x26e0 KSS - ok
22:05:35.0861 0x26e0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:05:35.0862 0x26e0 ksthunk - ok
22:05:35.0900 0x26e0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
22:05:35.0915 0x26e0 KtmRm - ok
22:05:35.0960 0x26e0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:05:35.0965 0x26e0 LanmanServer - ok
22:05:35.0997 0x26e0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:05:36.0004 0x26e0 LanmanWorkstation - ok
22:05:36.0022 0x26e0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:05:36.0023 0x26e0 lltdio - ok
22:05:36.0052 0x26e0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:05:36.0059 0x26e0 lltdsvc - ok
22:05:36.0073 0x26e0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:05:36.0074 0x26e0 lmhosts - ok
22:05:36.0104 0x26e0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:05:36.0108 0x26e0 LSI_FC - ok
22:05:36.0120 0x26e0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:05:36.0123 0x26e0 LSI_SAS - ok
22:05:36.0135 0x26e0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:05:36.0137 0x26e0 LSI_SAS2 - ok
22:05:36.0167 0x26e0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:05:36.0175 0x26e0 LSI_SCSI - ok
22:05:36.0191 0x26e0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
22:05:36.0199 0x26e0 luafv - ok
22:05:36.0231 0x26e0 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
22:05:36.0243 0x26e0 LVRS64 - ok
22:05:36.0372 0x26e0 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
22:05:36.0460 0x26e0 LVUVC64 - ok
22:05:36.0525 0x26e0 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:05:36.0527 0x26e0 MBAMProtector - ok
22:05:36.0638 0x26e0 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:05:36.0662 0x26e0 MBAMService - ok
22:05:36.0679 0x26e0 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:05:36.0681 0x26e0 MBAMWebAccessControl - ok
22:05:36.0707 0x26e0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:05:36.0712 0x26e0 Mcx2Svc - ok
22:05:36.0725 0x26e0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
22:05:36.0726 0x26e0 megasas - ok
22:05:36.0741 0x26e0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:05:36.0747 0x26e0 MegaSR - ok
22:05:36.0779 0x26e0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:05:36.0780 0x26e0 MEIx64 - ok
22:05:36.0827 0x26e0 [ F9CE67E9E0226079B59107B649851F96, 7A55FB58425F2E59B5D400E85E1B271B84295548B8EDA865F7B8C804CB94563C ] MEMSWEEP2 C:\Windows\system32\F492.tmp
22:05:36.0828 0x26e0 MEMSWEEP2 - ok
22:05:36.0847 0x26e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
22:05:36.0849 0x26e0 MMCSS - ok
22:05:36.0875 0x26e0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
22:05:36.0876 0x26e0 Modem - ok
22:05:36.0902 0x26e0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:05:36.0903 0x26e0 monitor - ok
22:05:36.0911 0x26e0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:05:36.0913 0x26e0 mouclass - ok
22:05:36.0920 0x26e0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:05:36.0921 0x26e0 mouhid - ok
22:05:36.0964 0x26e0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:05:36.0974 0x26e0 mountmgr - ok
22:05:36.0978 0x26e0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:05:36.0982 0x26e0 mpio - ok
22:05:36.0993 0x26e0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:05:37.0001 0x26e0 mpsdrv - ok
22:05:37.0031 0x26e0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:05:37.0050 0x26e0 MpsSvc - ok
22:05:37.0067 0x26e0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:05:37.0070 0x26e0 MRxDAV - ok
22:05:37.0115 0x26e0 [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:37.0121 0x26e0 mrxsmb - ok
22:05:37.0165 0x26e0 [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:37.0171 0x26e0 mrxsmb10 - ok
22:05:37.0211 0x26e0 [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:37.0215 0x26e0 mrxsmb20 - ok
22:05:37.0244 0x26e0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
22:05:37.0252 0x26e0 msahci - ok
22:05:37.0256 0x26e0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:05:37.0259 0x26e0 msdsm - ok
22:05:37.0276 0x26e0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
22:05:37.0284 0x26e0 MSDTC - ok
22:05:37.0300 0x26e0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:05:37.0301 0x26e0 Msfs - ok
22:05:37.0323 0x26e0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:05:37.0332 0x26e0 mshidkmdf - ok
22:05:37.0343 0x26e0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:05:37.0343 0x26e0 msisadrv - ok
22:05:37.0371 0x26e0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:05:37.0375 0x26e0 MSiSCSI - ok
22:05:37.0377 0x26e0 msiserver - ok
22:05:37.0408 0x26e0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:05:37.0416 0x26e0 MSKSSRV - ok
22:05:37.0428 0x26e0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:37.0429 0x26e0 MSPCLOCK - ok
22:05:37.0439 0x26e0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:05:37.0447 0x26e0 MSPQM - ok
22:05:37.0467 0x26e0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:05:37.0482 0x26e0 MsRPC - ok
22:05:37.0517 0x26e0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:05:37.0518 0x26e0 mssmbios - ok
22:05:37.0528 0x26e0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:05:37.0536 0x26e0 MSTEE - ok
22:05:37.0551 0x26e0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:05:37.0560 0x26e0 MTConfig - ok
22:05:37.0568 0x26e0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
22:05:37.0570 0x26e0 Mup - ok
22:05:37.0607 0x26e0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
22:05:37.0621 0x26e0 napagent - ok
22:05:37.0658 0x26e0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:05:37.0663 0x26e0 NativeWifiP - ok
22:05:37.0713 0x26e0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
22:05:37.0727 0x26e0 NDIS - ok
22:05:37.0747 0x26e0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:37.0748 0x26e0 NdisCap - ok
22:05:37.0763 0x26e0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:37.0764 0x26e0 NdisTapi - ok
22:05:37.0777 0x26e0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:37.0779 0x26e0 Ndisuio - ok
22:05:37.0795 0x26e0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:37.0803 0x26e0 NdisWan - ok
22:05:37.0823 0x26e0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:05:37.0824 0x26e0 NDProxy - ok
22:05:37.0827 0x26e0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:05:37.0828 0x26e0 NetBIOS - ok
22:05:37.0846 0x26e0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:05:37.0851 0x26e0 NetBT - ok
22:05:37.0854 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon C:\Windows\system32\lsass.exe
22:05:37.0855 0x26e0 Netlogon - ok
22:05:37.0903 0x26e0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
22:05:37.0912 0x26e0 Netman - ok
22:05:37.0953 0x26e0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:37.0960 0x26e0 NetMsmqActivator - ok
22:05:37.0964 0x26e0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:37.0966 0x26e0 NetPipeActivator - ok
22:05:37.0994 0x26e0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
22:05:38.0002 0x26e0 netprofm - ok
22:05:38.0005 0x26e0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:38.0008 0x26e0 NetTcpActivator - ok
22:05:38.0011 0x26e0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:38.0013 0x26e0 NetTcpPortSharing - ok
22:05:38.0027 0x26e0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:05:38.0035 0x26e0 nfrd960 - ok
22:05:38.0082 0x26e0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:05:38.0089 0x26e0 NlaSvc - ok
22:05:38.0128 0x26e0 [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
22:05:38.0129 0x26e0 nmwcd - ok
22:05:38.0165 0x26e0 [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
22:05:38.0166 0x26e0 nmwcdc - ok
22:05:38.0272 0x26e0 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
22:05:38.0310 0x26e0 NOBU - ok
22:05:38.0320 0x26e0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:05:38.0321 0x26e0 Npfs - ok
22:05:38.0351 0x26e0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
22:05:38.0353 0x26e0 nsi - ok
22:05:38.0355 0x26e0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:05:38.0356 0x26e0 nsiproxy - ok
22:05:38.0413 0x26e0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:05:38.0445 0x26e0 Ntfs - ok
22:05:38.0452 0x26e0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
22:05:38.0452 0x26e0 Null - ok
22:05:38.0465 0x26e0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:05:38.0468 0x26e0 nvraid - ok
22:05:38.0496 0x26e0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:05:38.0503 0x26e0 nvstor - ok
22:05:38.0535 0x26e0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:05:38.0539 0x26e0 nv_agp - ok
22:05:38.0559 0x26e0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:05:38.0561 0x26e0 ohci1394 - ok
22:05:38.0622 0x26e0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:38.0629 0x26e0 ose - ok
22:05:38.0788 0x26e0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:05:38.0855 0x26e0 osppsvc - ok
22:05:38.0906 0x26e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:05:38.0912 0x26e0 p2pimsvc - ok
22:05:38.0939 0x26e0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
22:05:38.0953 0x26e0 p2psvc - ok
22:05:38.0966 0x26e0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
22:05:38.0969 0x26e0 Parport - ok
22:05:38.0983 0x26e0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:05:38.0985 0x26e0 partmgr - ok
22:05:39.0027 0x26e0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:05:39.0032 0x26e0 PcaSvc - ok
22:05:39.0069 0x26e0 [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:05:39.0070 0x26e0 pccsmcfd - ok
22:05:39.0092 0x26e0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
22:05:39.0096 0x26e0 pci - ok
22:05:39.0122 0x26e0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
22:05:39.0122 0x26e0 pciide - ok
22:05:39.0139 0x26e0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:05:39.0144 0x26e0 pcmcia - ok
22:05:39.0154 0x26e0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
22:05:39.0156 0x26e0 pcw - ok
22:05:39.0257 0x26e0 [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
22:05:39.0275 0x26e0 PDF Architect Helper Service - ok
22:05:39.0331 0x26e0 [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
22:05:39.0342 0x26e0 PDF Architect Service - ok
22:05:39.0397 0x26e0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:05:39.0414 0x26e0 PEAUTH - ok
22:05:39.0457 0x26e0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:05:39.0458 0x26e0 PerfHost - ok
22:05:39.0508 0x26e0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
22:05:39.0532 0x26e0 pla - ok
22:05:39.0565 0x26e0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:05:39.0574 0x26e0 PlugPlay - ok
22:05:39.0595 0x26e0 [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
22:05:39.0596 0x26e0 pmxdrv - ok
22:05:39.0604 0x26e0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:05:39.0613 0x26e0 PNRPAutoReg - ok
22:05:39.0637 0x26e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:05:39.0642 0x26e0 PNRPsvc - ok
22:05:39.0678 0x26e0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:05:39.0688 0x26e0 PolicyAgent - ok
22:05:39.0704 0x26e0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
22:05:39.0708 0x26e0 Power - ok
22:05:39.0734 0x26e0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:05:39.0738 0x26e0 PptpMiniport - ok
22:05:39.0751 0x26e0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
22:05:39.0753 0x26e0 Processor - ok
22:05:39.0796 0x26e0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
22:05:39.0806 0x26e0 ProfSvc - ok
22:05:39.0821 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:05:39.0822 0x26e0 ProtectedStorage - ok
22:05:39.0838 0x26e0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:05:39.0840 0x26e0 Psched - ok
22:05:39.0885 0x26e0 [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
22:05:39.0886 0x26e0 PSKMAD - ok
22:05:39.0909 0x26e0 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
22:05:39.0913 0x26e0 PxHlpa64 - ok
22:05:39.0960 0x26e0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:05:39.0982 0x26e0 ql2300 - ok
22:05:39.0998 0x26e0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:05:40.0001 0x26e0 ql40xx - ok
22:05:40.0028 0x26e0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
22:05:40.0039 0x26e0 QWAVE - ok
22:05:40.0053 0x26e0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:05:40.0061 0x26e0 QWAVEdrv - ok
22:05:40.0135 0x26e0 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
22:05:40.0148 0x26e0 RapiMgr - ok
22:05:40.0167 0x26e0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:05:40.0176 0x26e0 RasAcd - ok
22:05:40.0207 0x26e0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:40.0208 0x26e0 RasAgileVpn - ok
22:05:40.0228 0x26e0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
22:05:40.0231 0x26e0 RasAuto - ok
22:05:40.0242 0x26e0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:40.0245 0x26e0 Rasl2tp - ok
22:05:40.0282 0x26e0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
22:05:40.0289 0x26e0 RasMan - ok
22:05:40.0296 0x26e0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:40.0298 0x26e0 RasPppoe - ok
22:05:40.0327 0x26e0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:05:40.0329 0x26e0 RasSstp - ok
22:05:40.0353 0x26e0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:05:40.0359 0x26e0 rdbss - ok
22:05:40.0373 0x26e0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:05:40.0374 0x26e0 rdpbus - ok
22:05:40.0386 0x26e0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:40.0386 0x26e0 RDPCDD - ok
22:05:40.0393 0x26e0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:05:40.0393 0x26e0 RDPENCDD - ok
22:05:40.0416 0x26e0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:05:40.0417 0x26e0 RDPREFMP - ok
22:05:40.0485 0x26e0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:05:40.0494 0x26e0 RdpVideoMiniport - ok
22:05:40.0531 0x26e0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:05:40.0535 0x26e0 RDPWD - ok
22:05:40.0555 0x26e0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:05:40.0559 0x26e0 rdyboost - ok
22:05:40.0590 0x26e0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:05:40.0593 0x26e0 RemoteAccess - ok
22:05:40.0608 0x26e0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:05:40.0612 0x26e0 RemoteRegistry - ok
22:05:40.0644 0x26e0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:40.0647 0x26e0 RFCOMM - ok
22:05:40.0738 0x26e0 [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
22:05:40.0762 0x26e0 RoxMediaDB12OEM - ok
22:05:40.0793 0x26e0 [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
22:05:40.0797 0x26e0 RoxWatch12 - ok
22:05:40.0815 0x26e0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:05:40.0823 0x26e0 RpcEptMapper - ok
22:05:40.0845 0x26e0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
22:05:40.0853 0x26e0 RpcLocator - ok
22:05:40.0869 0x26e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
22:05:40.0877 0x26e0 RpcSs - ok
22:05:40.0889 0x26e0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:05:40.0891 0x26e0 rspndr - ok
22:05:40.0893 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs C:\Windows\system32\lsass.exe
22:05:40.0895 0x26e0 SamSs - ok
22:05:40.0905 0x26e0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:05:40.0907 0x26e0 sbp2port - ok
22:05:40.0919 0x26e0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:05:40.0924 0x26e0 SCardSvr - ok
22:05:40.0932 0x26e0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:05:40.0933 0x26e0 scfilter - ok
22:05:40.0988 0x26e0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
22:05:41.0008 0x26e0 Schedule - ok
22:05:41.0039 0x26e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:05:41.0041 0x26e0 SCPolicySvc - ok
22:05:41.0058 0x26e0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:05:41.0062 0x26e0 SDRSVC - ok
22:05:41.0169 0x26e0 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:05:41.0193 0x26e0 SDScannerService - ok
22:05:41.0274 0x26e0 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:05:41.0302 0x26e0 SDUpdateService - ok
22:05:41.0322 0x26e0 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:05:41.0325 0x26e0 SDWSCService - ok
22:05:41.0342 0x26e0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:05:41.0342 0x26e0 secdrv - ok
22:05:41.0360 0x26e0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
22:05:41.0362 0x26e0 seclogon - ok
22:05:41.0365 0x26e0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
22:05:41.0367 0x26e0 SENS - ok
22:05:41.0381 0x26e0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:05:41.0383 0x26e0 SensrSvc - ok
22:05:41.0393 0x26e0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:05:41.0394 0x26e0 Serenum - ok
22:05:41.0409 0x26e0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
22:05:41.0411 0x26e0 Serial - ok
22:05:41.0429 0x26e0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:05:41.0437 0x26e0 sermouse - ok
22:05:41.0518 0x26e0 [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:05:41.0528 0x26e0 ServiceLayer - ok
22:05:41.0553 0x26e0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
22:05:41.0557 0x26e0 SessionEnv - ok
22:05:41.0578 0x26e0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:05:41.0579 0x26e0 sffdisk - ok
22:05:41.0589 0x26e0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:05:41.0590 0x26e0 sffp_mmc - ok
22:05:41.0597 0x26e0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:05:41.0598 0x26e0 sffp_sd - ok
22:05:41.0605 0x26e0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:05:41.0613 0x26e0 sfloppy - ok
22:05:41.0681 0x26e0 [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
22:05:41.0691 0x26e0 SftService - ok
22:05:41.0739 0x26e0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:05:41.0753 0x26e0 SharedAccess - ok
22:05:41.0778 0x26e0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:05:41.0785 0x26e0 ShellHWDetection - ok
22:05:41.0807 0x26e0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:05:41.0808 0x26e0 SiSRaid2 - ok
22:05:41.0820 0x26e0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:05:41.0822 0x26e0 SiSRaid4 - ok
22:05:41.0896 0x26e0 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:05:41.0900 0x26e0 SkypeUpdate - ok
22:05:41.0908 0x26e0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:05:41.0910 0x26e0 Smb - ok
22:05:41.0914 0x26e0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:05:41.0915 0x26e0 SNMPTRAP - ok
22:05:41.0924 0x26e0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
22:05:41.0924 0x26e0 spldr - ok
22:05:41.0952 0x26e0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
22:05:41.0961 0x26e0 Spooler - ok
22:05:42.0058 0x26e0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
22:05:42.0131 0x26e0 sppsvc - ok
22:05:42.0150 0x26e0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:05:42.0152 0x26e0 sppuinotify - ok
22:05:42.0183 0x26e0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:05:42.0192 0x26e0 srv - ok
22:05:42.0202 0x26e0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:05:42.0208 0x26e0 srv2 - ok
22:05:42.0223 0x26e0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:05:42.0230 0x26e0 srvnet - ok
22:05:42.0246 0x26e0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:05:42.0250 0x26e0 SSDPSRV - ok
22:05:42.0263 0x26e0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:05:42.0265 0x26e0 SstpSvc - ok
22:05:42.0278 0x26e0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:05:42.0279 0x26e0 stexstor - ok
22:05:42.0310 0x26e0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
22:05:42.0321 0x26e0 stisvc - ok
22:05:42.0356 0x26e0 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
22:05:42.0381 0x26e0 stllssvr - ok
22:05:42.0399 0x26e0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:05:42.0407 0x26e0 swenum - ok
22:05:42.0430 0x26e0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
22:05:42.0441 0x26e0 swprv - ok
22:05:42.0514 0x26e0 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
22:05:42.0567 0x26e0 SysMain - ok
22:05:42.0589 0x26e0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:05:42.0593 0x26e0 TabletInputService - ok
22:05:42.0612 0x26e0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:05:42.0627 0x26e0 TapiSrv - ok
22:05:42.0630 0x26e0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
22:05:42.0632 0x26e0 TBS - ok
22:05:42.0700 0x26e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:05:42.0727 0x26e0 Tcpip - ok
22:05:42.0757 0x26e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:05:42.0783 0x26e0 TCPIP6 - ok
22:05:42.0808 0x26e0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:05:42.0810 0x26e0 tcpipreg - ok
22:05:42.0830 0x26e0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:05:42.0835 0x26e0 TDPIPE - ok
22:05:42.0858 0x26e0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:05:42.0859 0x26e0 TDTCP - ok
22:05:42.0903 0x26e0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:05:42.0912 0x26e0 tdx - ok
22:05:42.0919 0x26e0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:05:42.0921 0x26e0 TermDD - ok
22:05:42.0974 0x26e0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
22:05:42.0985 0x26e0 TermService - ok
22:05:43.0000 0x26e0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
22:05:43.0002 0x26e0 Themes - ok
22:05:43.0013 0x26e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
22:05:43.0015 0x26e0 THREADORDER - ok
22:05:43.0028 0x26e0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
22:05:43.0031 0x26e0 TrkWks - ok
22:05:43.0079 0x26e0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:05:43.0083 0x26e0 TrustedInstaller - ok
22:05:43.0094 0x26e0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:05:43.0096 0x26e0 tssecsrv - ok
22:05:43.0132 0x26e0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:05:43.0134 0x26e0 TsUsbFlt - ok
22:05:43.0161 0x26e0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:05:43.0170 0x26e0 TsUsbGD - ok
22:05:43.0189 0x26e0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:05:43.0192 0x26e0 tunnel - ok
22:05:43.0210 0x26e0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:05:43.0217 0x26e0 uagp35 - ok
22:05:43.0238 0x26e0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:05:43.0243 0x26e0 udfs - ok
22:05:43.0254 0x26e0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:05:43.0256 0x26e0 UI0Detect - ok
22:05:43.0271 0x26e0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:05:43.0273 0x26e0 uliagpkx - ok
22:05:43.0288 0x26e0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:05:43.0289 0x26e0 umbus - ok
22:05:43.0303 0x26e0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
22:05:43.0303 0x26e0 UmPass - ok
22:05:43.0381 0x26e0 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:05:43.0387 0x26e0 UMVPFSrv - ok
22:05:43.0415 0x26e0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
22:05:43.0422 0x26e0 upnphost - ok
22:05:43.0446 0x26e0 [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:05:43.0447 0x26e0 upperdev - ok
22:05:43.0483 0x26e0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:05:43.0486 0x26e0 usbaudio - ok
22:05:43.0500 0x26e0 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:05:43.0502 0x26e0 usbccgp - ok
22:05:43.0530 0x26e0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:05:43.0531 0x26e0 usbcir - ok
22:05:43.0554 0x26e0 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:05:43.0555 0x26e0 usbehci - ok
22:05:43.0579 0x26e0 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:05:43.0593 0x26e0 usbhub - ok
22:05:43.0614 0x26e0 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:05:43.0615 0x26e0 usbohci - ok
22:05:43.0627 0x26e0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:05:43.0628 0x26e0 usbprint - ok
22:05:43.0632 0x26e0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:05:43.0634 0x26e0 usbscan - ok
22:05:43.0658 0x26e0 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys
22:05:43.0659 0x26e0 usbser - ok
22:05:43.0669 0x26e0 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:05:43.0669 0x26e0 UsbserFilt - ok
22:05:43.0689 0x26e0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:05:43.0692 0x26e0 USBSTOR - ok
22:05:43.0708 0x26e0 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:05:43.0716 0x26e0 usbuhci - ok
22:05:43.0758 0x26e0 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
22:05:43.0759 0x26e0 usb_rndisx - ok
22:05:43.0761 0x26e0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
22:05:43.0763 0x26e0 UxSms - ok
22:05:43.0771 0x26e0 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc C:\Windows\system32\lsass.exe
22:05:43.0772 0x26e0 VaultSvc - ok
22:05:43.0782 0x26e0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:05:43.0783 0x26e0 vdrvroot - ok
22:05:43.0802 0x26e0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
22:05:43.0810 0x26e0 vds - ok
22:05:43.0835 0x26e0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:05:43.0836 0x26e0 vga - ok
22:05:43.0838 0x26e0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:05:43.0839 0x26e0 VgaSave - ok
22:05:43.0858 0x26e0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:05:43.0866 0x26e0 vhdmp - ok
22:05:43.0882 0x26e0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
22:05:43.0883 0x26e0 viaide - ok
22:05:43.0905 0x26e0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:05:43.0907 0x26e0 volmgr - ok
22:05:43.0923 0x26e0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:05:43.0930 0x26e0 volmgrx - ok
22:05:43.0947 0x26e0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:05:43.0953 0x26e0 volsnap - ok
22:05:43.0972 0x26e0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:05:43.0976 0x26e0 vsmraid - ok
22:05:44.0027 0x26e0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
22:05:44.0053 0x26e0 VSS - ok
22:05:44.0065 0x26e0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:05:44.0066 0x26e0 vwifibus - ok
22:05:44.0085 0x26e0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
22:05:44.0092 0x26e0 W32Time - ok
22:05:44.0110 0x26e0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:05:44.0118 0x26e0 WacomPen - ok
22:05:44.0141 0x26e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:05:44.0144 0x26e0 WANARP - ok
22:05:44.0155 0x26e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:05:44.0156 0x26e0 Wanarpv6 - ok
22:05:44.0201 0x26e0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
22:05:44.0231 0x26e0 wbengine - ok
22:05:44.0263 0x26e0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:05:44.0276 0x26e0 WbioSrvc - ok
22:05:44.0308 0x26e0 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
22:05:44.0321 0x26e0 WcesComm - ok
22:05:44.0343 0x26e0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:05:44.0357 0x26e0 wcncsvc - ok
22:05:44.0370 0x26e0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:05:44.0378 0x26e0 WcsPlugInService - ok
22:05:44.0381 0x26e0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
22:05:44.0381 0x26e0 Wd - ok
22:05:44.0421 0x26e0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:05:44.0433 0x26e0 Wdf01000 - ok
22:05:44.0471 0x26e0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:05:44.0474 0x26e0 WdiServiceHost - ok
22:05:44.0476 0x26e0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:05:44.0478 0x26e0 WdiSystemHost - ok
22:05:44.0526 0x26e0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
22:05:44.0532 0x26e0 WebClient - ok
22:05:44.0544 0x26e0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:05:44.0549 0x26e0 Wecsvc - ok
22:05:44.0562 0x26e0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:05:44.0565 0x26e0 wercplsupport - ok
22:05:44.0586 0x26e0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
22:05:44.0589 0x26e0 WerSvc - ok
22:05:44.0608 0x26e0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:05:44.0609 0x26e0 WfpLwf - ok
22:05:44.0644 0x26e0 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
22:05:44.0652 0x26e0 WimFltr - ok
22:05:44.0663 0x26e0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:05:44.0664 0x26e0 WIMMount - ok
22:05:44.0687 0x26e0 WinDefend - ok
22:05:44.0695 0x26e0 WinHttpAutoProxySvc - ok
22:05:44.0757 0x26e0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:05:44.0764 0x26e0 Winmgmt - ok
22:05:44.0844 0x26e0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
22:05:44.0886 0x26e0 WinRM - ok
22:05:44.0947 0x26e0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:05:44.0966 0x26e0 Wlansvc - ok
22:05:45.0021 0x26e0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:05:45.0029 0x26e0 wlcrasvc - ok
22:05:45.0118 0x26e0 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:05:45.0149 0x26e0 wlidsvc - ok
22:05:45.0161 0x26e0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:05:45.0169 0x26e0 WmiAcpi - ok
22:05:45.0185 0x26e0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:05:45.0189 0x26e0 wmiApSrv - ok
22:05:45.0221 0x26e0 WMPNetworkSvc - ok
22:05:45.0271 0x26e0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:05:45.0272 0x26e0 WPCSvc - ok
22:05:45.0317 0x26e0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:05:45.0321 0x26e0 WPDBusEnum - ok
22:05:45.0330 0x26e0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:05:45.0332 0x26e0 ws2ifsl - ok
22:05:45.0341 0x26e0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
22:05:45.0345 0x26e0 wscsvc - ok
22:05:45.0346 0x26e0 WSearch - ok
22:05:45.0439 0x26e0 [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv C:\Windows\system32\wuaueng.dll
22:05:45.0482 0x26e0 wuauserv - ok
22:05:45.0499 0x26e0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:05:45.0501 0x26e0 WudfPf - ok
22:05:45.0528 0x26e0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:05:45.0532 0x26e0 WUDFRd - ok
22:05:45.0565 0x26e0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:05:45.0568 0x26e0 wudfsvc - ok
22:05:45.0594 0x26e0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
22:05:45.0600 0x26e0 WwanSvc - ok
22:05:45.0629 0x26e0 ================ Scan global ===============================
22:05:45.0663 0x26e0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:05:45.0703 0x26e0 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:05:45.0713 0x26e0 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:05:45.0744 0x26e0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:05:45.0787 0x26e0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
|
|
16.08.2015, 23:01
| #4 |
| | Email- Konto gehackt? hier der Rest Code:
ATTFilter 22:05:45.0801 0x26e0 [ Global ] - ok 22:05:45.0801 0x26e0 ================ Scan MBR ================================== 22:05:45.0816 0x26e0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 22:05:45.0959 0x26e0 \Device\Harddisk0\DR0 - ok 22:05:45.0959 0x26e0 ================ Scan VBR ================================== 22:05:45.0961 0x26e0 [ 37FD435BE0AA27EB3947661B19EDE7AE ] \Device\Harddisk0\DR0\Partition1 22:05:46.0026 0x26e0 \Device\Harddisk0\DR0\Partition1 - ok 22:05:46.0027 0x26e0 [ 953A27EC4B468FC9629B098EFA1555A8 ] \Device\Harddisk0\DR0\Partition2 22:05:46.0081 0x26e0 \Device\Harddisk0\DR0\Partition2 - ok 22:05:46.0081 0x26e0 ================ Scan generic autorun ====================== 22:05:46.0318 0x26e0 [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 22:05:46.0463 0x26e0 RtHDVCpl - ok 22:05:46.0491 0x26e0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe 22:05:46.0492 0x26e0 RunDLLEntry_THXCfg - ok 22:05:46.0495 0x26e0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe 22:05:46.0497 0x26e0 RunDLLEntry_EptMon - ok 22:05:46.0528 0x26e0 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 22:05:46.0537 0x26e0 Windows Mobile Device Center - ok 22:05:46.0570 0x26e0 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 22:05:46.0574 0x26e0 IAStorIcon - ok 22:05:46.0604 0x26e0 [ 49916F80B1CCE8B80477999921ED14E4, 9AFB9F53FF642BB19F1BE7B3073EC96C59F22D50BF935846E3622D56A414211B ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe 22:05:46.0608 0x26e0 ShwiconXP9106 - ok 22:05:46.0683 0x26e0 [ 2A5E8DBC310C2FB7511B9AB8E7CFB297, F9522B42BAA4A3B5D325385C8AB7BBDE549AB6420D0F430925A22C61C09FE5B2 ] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe 22:05:46.0696 0x26e0 THX Audio Control Panel - ok 22:05:46.0719 0x26e0 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE 22:05:46.0721 0x26e0 UpdReg - ok 22:05:46.0749 0x26e0 [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe 22:05:46.0750 0x26e0 RemoteControl9 - ok 22:05:46.0778 0x26e0 [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe 22:05:46.0779 0x26e0 PDVD9LanguageShortcut - ok 22:05:46.0793 0x26e0 [ 845BA1CEFFD99B178345E2A5A2CC435C, 7539796035A97DF9B1EEAB23ADC0F2385EBD2A5E11EE72E8DDF76CD14A24DD18 ] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe 22:05:46.0794 0x26e0 BDRegion - ok 22:05:46.0874 0x26e0 [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe 22:05:46.0890 0x26e0 Dell DataSafe Online - ok 22:05:46.0944 0x26e0 [ 1196380F7BC5A83193BE66594193C20B, 1CDA7C838548C8B3A92F72643A129C077E3AB0E5EBBC2112A7C22CE3E3A81007 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe 22:05:46.0945 0x26e0 Adobe Reader Speed Launcher - ok 22:05:46.0979 0x26e0 [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe 22:05:46.0982 0x26e0 Launcher - ok 22:05:47.0046 0x26e0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:05:47.0069 0x26e0 Sidebar - ok 22:05:47.0098 0x26e0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:05:47.0105 0x26e0 mctadmin - ok 22:05:47.0123 0x26e0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:05:47.0138 0x26e0 Sidebar - ok 22:05:47.0142 0x26e0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:05:47.0144 0x26e0 mctadmin - ok 22:05:47.0232 0x26e0 [ 16DEFCB5F3FAC44D5EB35B19DA337FE5, CE8531B8FBA4896D4A1AB0C5CCEFC5DF0C74063D717EC9BA386B4E25D7F93651 ] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe 22:05:47.0243 0x26e0 CAHeadless - ok 22:05:47.0410 0x26e0 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:05:47.0492 0x26e0 Logitech Vid - ok 22:05:47.0497 0x26e0 msnmsgr - ok 22:05:47.0564 0x26e0 [ 35F8F5B393DBBD9A509868E2012795FA, 315BF201051FBBDA0A2A5DAC308F51E6642870B07DD514AB60B2C8B2A580E9BB ] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 22:05:47.0578 0x26e0 NokiaSuite.exe - ok 22:05:47.0638 0x26e0 [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe 22:05:47.0647 0x26e0 DataSync Outlook - ok 22:05:47.0699 0x26e0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 22:05:47.0721 0x26e0 Sidebar - ok 22:05:47.0853 0x26e0 [ D8470A716BE1C02A81F5AD704D43D334, DA2E76AFB6C0F0111CC5B3A83B331D2BCA54CC78C56128D2B90B86FC89E7EAA7 ] C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 22:05:47.0894 0x26e0 Amazon Cloud Player - ok 22:05:48.0047 0x26e0 [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe 22:05:48.0146 0x26e0 CCleaner Monitoring - ok 22:05:48.0211 0x26e0 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 22:05:48.0261 0x26e0 SpybotPostWindows10UpgradeReInstall - ok 22:05:48.0385 0x26e0 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:05:48.0466 0x26e0 Logitech Vid - ok 22:05:48.0496 0x26e0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 22:05:48.0516 0x26e0 Sidebar - ok 22:05:48.0631 0x26e0 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:05:48.0713 0x26e0 Logitech Vid - ok 22:05:48.0733 0x26e0 [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe 22:05:48.0743 0x26e0 DataSync Outlook - ok 22:05:48.0744 0x26e0 Waiting for KSN requests completion. In queue: 83 22:05:49.0745 0x26e0 Waiting for KSN requests completion. In queue: 83 22:05:50.0745 0x26e0 Waiting for KSN requests completion. In queue: 83 22:05:51.0799 0x26e0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated ) 22:05:51.0801 0x26e0 Win FW state via NFP2: enabled ( trusted ) 22:05:54.0156 0x26e0 ============================================================ 22:05:54.0156 0x26e0 Scan finished 22:05:54.0156 0x26e0 ============================================================ 22:05:54.0160 0x2988 Detected object count: 0 22:05:54.0160 0x2988 Actual detected object count: 0 22:06:29.0021 0x2670 ============================================================ 22:06:29.0021 0x2670 Scan started 22:06:29.0021 0x2670 Mode: Manual; 22:06:29.0021 0x2670 ============================================================ 22:06:29.0021 0x2670 KSN ping started 22:06:31.0315 0x2670 KSN ping finished: true 22:06:31.0663 0x2670 ================ Scan system memory ======================== 22:06:31.0663 0x2670 System memory - ok 22:06:31.0664 0x2670 ================ Scan services ============================= 22:06:31.0791 0x2670 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 22:06:31.0794 0x2670 1394ohci - ok 22:06:31.0819 0x2670 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 22:06:31.0823 0x2670 ACPI - ok 22:06:31.0838 0x2670 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 22:06:31.0839 0x2670 AcpiPmi - ok 22:06:31.0949 0x2670 [ 765FE0463E711E5A68AC7B69538ED922, A1D31DECBE8F703DB2FAF4B1A10D3B70FBBA0AD776CDC1B813387BFEDAE9D0A0 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe 22:06:31.0951 0x2670 AdobeActiveFileMonitor8.0 - ok 22:06:31.0999 0x2670 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 22:06:32.0001 0x2670 AdobeARMservice - ok 22:06:32.0072 0x2670 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 22:06:32.0075 0x2670 AdobeFlashPlayerUpdateSvc - ok 22:06:32.0102 0x2670 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 22:06:32.0109 0x2670 adp94xx - ok 22:06:32.0123 0x2670 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 22:06:32.0128 0x2670 adpahci - ok 22:06:32.0137 0x2670 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 22:06:32.0139 0x2670 adpu320 - ok 22:06:32.0179 0x2670 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 22:06:32.0180 0x2670 AeLookupSvc - ok 22:06:32.0212 0x2670 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 22:06:32.0219 0x2670 AFD - ok 22:06:32.0231 0x2670 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 22:06:32.0232 0x2670 agp440 - ok 22:06:32.0261 0x2670 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 22:06:32.0262 0x2670 ALG - ok 22:06:32.0283 0x2670 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 22:06:32.0283 0x2670 aliide - ok 22:06:32.0315 0x2670 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 22:06:32.0318 0x2670 AMD External Events Utility - ok 22:06:32.0337 0x2670 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 22:06:32.0337 0x2670 amdide - ok 22:06:32.0350 0x2670 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 22:06:32.0351 0x2670 AmdK8 - ok 22:06:32.0580 0x2670 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 22:06:32.0734 0x2670 amdkmdag - ok 22:06:32.0778 0x2670 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 22:06:32.0786 0x2670 amdkmdap - ok 22:06:32.0798 0x2670 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 22:06:32.0799 0x2670 AmdPPM - ok 22:06:32.0824 0x2670 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 22:06:32.0826 0x2670 amdsata - ok 22:06:32.0844 0x2670 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 22:06:32.0847 0x2670 amdsbs - ok 22:06:32.0855 0x2670 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 22:06:32.0856 0x2670 amdxata - ok 22:06:32.0972 0x2670 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 22:06:32.0984 0x2670 AntiVirMailService - ok 22:06:33.0027 0x2670 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 22:06:33.0034 0x2670 AntiVirSchedulerService - ok 22:06:33.0079 0x2670 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 22:06:33.0086 0x2670 AntiVirService - ok 22:06:33.0149 0x2670 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 22:06:33.0166 0x2670 AntiVirWebService - ok 22:06:33.0215 0x2670 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 22:06:33.0216 0x2670 AppID - ok 22:06:33.0257 0x2670 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 22:06:33.0258 0x2670 AppIDSvc - ok 22:06:33.0305 0x2670 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 22:06:33.0306 0x2670 Appinfo - ok 22:06:33.0326 0x2670 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 22:06:33.0328 0x2670 arc - ok 22:06:33.0340 0x2670 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 22:06:33.0342 0x2670 arcsas - ok 22:06:33.0443 0x2670 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 22:06:33.0444 0x2670 aspnet_state - ok 22:06:33.0456 0x2670 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 22:06:33.0457 0x2670 AsyncMac - ok 22:06:33.0479 0x2670 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 22:06:33.0480 0x2670 atapi - ok 22:06:33.0502 0x2670 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 22:06:33.0503 0x2670 AtiHDAudioService - ok 22:06:33.0524 0x2670 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 22:06:33.0534 0x2670 AudioEndpointBuilder - ok 22:06:33.0555 0x2670 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 22:06:33.0564 0x2670 AudioSrv - ok 22:06:33.0587 0x2670 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 22:06:33.0589 0x2670 avgntflt - ok 22:06:33.0606 0x2670 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 22:06:33.0609 0x2670 avipbb - ok 22:06:33.0667 0x2670 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 22:06:33.0670 0x2670 Avira.ServiceHost - ok 22:06:33.0700 0x2670 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 22:06:33.0701 0x2670 avkmgr - ok 22:06:33.0712 0x2670 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 22:06:33.0713 0x2670 avnetflt - ok 22:06:33.0744 0x2670 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 22:06:33.0746 0x2670 AxInstSV - ok 22:06:33.0767 0x2670 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 22:06:33.0773 0x2670 b06bdrv - ok 22:06:33.0788 0x2670 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 22:06:33.0792 0x2670 b57nd60a - ok 22:06:33.0806 0x2670 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 22:06:33.0808 0x2670 BDESVC - ok 22:06:33.0817 0x2670 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 22:06:33.0817 0x2670 Beep - ok 22:06:33.0847 0x2670 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 22:06:33.0857 0x2670 BFE - ok 22:06:33.0895 0x2670 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 22:06:33.0908 0x2670 BITS - ok 22:06:33.0923 0x2670 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 22:06:33.0924 0x2670 blbdrive - ok 22:06:33.0953 0x2670 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 22:06:33.0954 0x2670 bowser - ok 22:06:33.0973 0x2670 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 22:06:33.0973 0x2670 BrFiltLo - ok 22:06:33.0987 0x2670 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 22:06:33.0988 0x2670 BrFiltUp - ok 22:06:34.0011 0x2670 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 22:06:34.0014 0x2670 Browser - ok 22:06:34.0031 0x2670 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 22:06:34.0035 0x2670 Brserid - ok 22:06:34.0050 0x2670 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 22:06:34.0051 0x2670 BrSerWdm - ok 22:06:34.0067 0x2670 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 22:06:34.0067 0x2670 BrUsbMdm - ok 22:06:34.0076 0x2670 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 22:06:34.0076 0x2670 BrUsbSer - ok 22:06:34.0088 0x2670 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 22:06:34.0089 0x2670 BthEnum - ok 22:06:34.0103 0x2670 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 22:06:34.0105 0x2670 BTHMODEM - ok 22:06:34.0132 0x2670 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 22:06:34.0134 0x2670 BthPan - ok 22:06:34.0170 0x2670 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 22:06:34.0178 0x2670 BTHPORT - ok 22:06:34.0182 0x2670 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 22:06:34.0183 0x2670 bthserv - ok 22:06:34.0205 0x2670 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 22:06:34.0206 0x2670 BTHUSB - ok 22:06:34.0230 0x2670 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 22:06:34.0235 0x2670 btwampfl - ok 22:06:34.0260 0x2670 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 22:06:34.0261 0x2670 btwaudio - ok 22:06:34.0282 0x2670 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 22:06:34.0284 0x2670 btwavdt - ok 22:06:34.0372 0x2670 [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 22:06:34.0385 0x2670 btwdins - ok 22:06:34.0394 0x2670 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 22:06:34.0395 0x2670 btwl2cap - ok 22:06:34.0402 0x2670 [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 22:06:34.0402 0x2670 btwrchid - ok 22:06:34.0415 0x2670 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 22:06:34.0416 0x2670 cdfs - ok 22:06:34.0431 0x2670 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 22:06:34.0433 0x2670 cdrom - ok 22:06:34.0436 0x2670 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 22:06:34.0438 0x2670 CertPropSvc - ok 22:06:34.0444 0x2670 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 22:06:34.0445 0x2670 circlass - ok 22:06:34.0459 0x2670 [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb C:\Windows\system32\DRIVERS\cjusb.sys 22:06:34.0460 0x2670 cjusb - ok 22:06:34.0507 0x2670 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 22:06:34.0512 0x2670 CLFS - ok 22:06:34.0571 0x2670 [ 730BF325E4CC1E3935B81943AC6DA216, FF6D7C087976D6B431F8799AEF6DFA12F31F6B38D5D70F9A8F03AB01CC58BD58 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe 22:06:34.0574 0x2670 CLKMSVC10_9EC60124 - ok 22:06:34.0648 0x2670 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:06:34.0649 0x2670 clr_optimization_v2.0.50727_32 - ok 22:06:34.0720 0x2670 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 22:06:34.0722 0x2670 clr_optimization_v2.0.50727_64 - ok 22:06:34.0786 0x2670 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:06:34.0788 0x2670 clr_optimization_v4.0.30319_32 - ok 22:06:34.0804 0x2670 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 22:06:34.0806 0x2670 clr_optimization_v4.0.30319_64 - ok 22:06:34.0826 0x2670 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 22:06:34.0827 0x2670 CmBatt - ok 22:06:34.0847 0x2670 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 22:06:34.0847 0x2670 cmdide - ok 22:06:34.0925 0x2670 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 22:06:34.0932 0x2670 CNG - ok 22:06:34.0941 0x2670 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 22:06:34.0942 0x2670 Compbatt - ok 22:06:34.0947 0x2670 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 22:06:34.0947 0x2670 CompositeBus - ok 22:06:34.0949 0x2670 COMSysApp - ok 22:06:34.0964 0x2670 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 22:06:34.0965 0x2670 crcdisk - ok 22:06:35.0002 0x2670 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 22:06:35.0005 0x2670 CryptSvc - ok 22:06:35.0032 0x2670 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 22:06:35.0040 0x2670 DcomLaunch - ok 22:06:35.0066 0x2670 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 22:06:35.0070 0x2670 defragsvc - ok 22:06:35.0087 0x2670 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 22:06:35.0089 0x2670 DfsC - ok 22:06:35.0107 0x2670 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:06:35.0111 0x2670 Dhcp - ok 22:06:35.0180 0x2670 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 22:06:35.0198 0x2670 DiagTrack - ok 22:06:35.0237 0x2670 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 22:06:35.0238 0x2670 discache - ok 22:06:35.0250 0x2670 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 22:06:35.0251 0x2670 Disk - ok 22:06:35.0299 0x2670 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:06:35.0302 0x2670 Dnscache - ok 22:06:35.0333 0x2670 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 22:06:35.0337 0x2670 dot3svc - ok 22:06:35.0351 0x2670 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 22:06:35.0353 0x2670 DPS - ok 22:06:35.0366 0x2670 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:06:35.0366 0x2670 drmkaud - ok 22:06:35.0425 0x2670 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:06:35.0439 0x2670 DXGKrnl - ok 22:06:35.0443 0x2670 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 22:06:35.0445 0x2670 EapHost - ok 22:06:35.0521 0x2670 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 22:06:35.0566 0x2670 ebdrv - ok 22:06:35.0596 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS C:\Windows\System32\lsass.exe 22:06:35.0597 0x2670 EFS - ok 22:06:35.0696 0x2670 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:06:35.0706 0x2670 ehRecvr - ok 22:06:35.0719 0x2670 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 22:06:35.0721 0x2670 ehSched - ok 22:06:35.0744 0x2670 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 22:06:35.0751 0x2670 elxstor - ok 22:06:35.0767 0x2670 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 22:06:35.0767 0x2670 ErrDev - ok 22:06:35.0799 0x2670 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 22:06:35.0805 0x2670 EventSystem - ok 22:06:35.0837 0x2670 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 22:06:35.0840 0x2670 exfat - ok 22:06:35.0861 0x2670 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:06:35.0864 0x2670 fastfat - ok 22:06:35.0894 0x2670 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 22:06:35.0904 0x2670 Fax - ok 22:06:35.0918 0x2670 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 22:06:35.0919 0x2670 fdc - ok 22:06:35.0940 0x2670 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 22:06:35.0941 0x2670 fdPHost - ok 22:06:35.0952 0x2670 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 22:06:35.0953 0x2670 FDResPub - ok 22:06:35.0966 0x2670 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:06:35.0967 0x2670 FileInfo - ok 22:06:35.0972 0x2670 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:06:35.0972 0x2670 Filetrace - ok 22:06:36.0026 0x2670 [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 22:06:36.0040 0x2670 FLEXnet Licensing Service - ok 22:06:36.0043 0x2670 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 22:06:36.0044 0x2670 flpydisk - ok 22:06:36.0064 0x2670 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:06:36.0069 0x2670 FltMgr - ok 22:06:36.0141 0x2670 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 22:06:36.0157 0x2670 FontCache - ok 22:06:36.0199 0x2670 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:06:36.0199 0x2670 FontCache3.0.0.0 - ok 22:06:36.0211 0x2670 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:06:36.0212 0x2670 FsDepends - ok 22:06:36.0238 0x2670 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:06:36.0238 0x2670 Fs_Rec - ok 22:06:36.0265 0x2670 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:06:36.0268 0x2670 fvevol - ok 22:06:36.0284 0x2670 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:06:36.0286 0x2670 gagp30kx - ok 22:06:36.0327 0x2670 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 22:06:36.0338 0x2670 gpsvc - ok 22:06:36.0374 0x2670 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:06:36.0376 0x2670 gupdate - ok 22:06:36.0394 0x2670 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:06:36.0396 0x2670 gupdatem - ok 22:06:36.0458 0x2670 [ 8298C833C1EE0B271F6E6F50439B8814, 4E5C54423405B2DB2DEDE49DBA2C11C75693AC994236DECAFE50F96B852BF471 ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys 22:06:36.0483 0x2670 HCW85BDA - ok 22:06:36.0507 0x2670 [ C3097DDF0618315438A660CE34CAB4E6, 5A0BA48C7F02DE31A973DE81F7C46F1D4091CE887D46710B58DCDD17804145A3 ] hcw85cir C:\Windows\system32\drivers\hcw85cir3.sys 22:06:36.0508 0x2670 hcw85cir - ok 22:06:36.0526 0x2670 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 22:06:36.0528 0x2670 HDAudBus - ok 22:06:36.0542 0x2670 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 22:06:36.0543 0x2670 HidBatt - ok 22:06:36.0557 0x2670 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:06:36.0559 0x2670 HidBth - ok 22:06:36.0574 0x2670 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:06:36.0575 0x2670 HidIr - ok 22:06:36.0588 0x2670 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 22:06:36.0589 0x2670 hidserv - ok 22:06:36.0614 0x2670 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 22:06:36.0614 0x2670 HidUsb - ok 22:06:36.0634 0x2670 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:06:36.0636 0x2670 hkmsvc - ok 22:06:36.0660 0x2670 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:06:36.0663 0x2670 HomeGroupListener - ok 22:06:36.0677 0x2670 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:06:36.0680 0x2670 HomeGroupProvider - ok 22:06:36.0696 0x2670 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:06:36.0697 0x2670 HpSAMD - ok 22:06:36.0755 0x2670 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:06:36.0766 0x2670 HTTP - ok 22:06:36.0777 0x2670 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:06:36.0777 0x2670 hwpolicy - ok 22:06:36.0793 0x2670 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 22:06:36.0794 0x2670 i8042prt - ok 22:06:36.0820 0x2670 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\drivers\iaStor.sys 22:06:36.0826 0x2670 iaStor - ok 22:06:36.0860 0x2670 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:06:36.0860 0x2670 IAStorDataMgrSvc - ok 22:06:36.0883 0x2670 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:06:36.0888 0x2670 iaStorV - ok 22:06:36.0956 0x2670 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 22:06:36.0957 0x2670 IDriverT - ok 22:06:37.0011 0x2670 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:06:37.0024 0x2670 idsvc - ok 22:06:37.0026 0x2670 IEEtwCollectorService - ok 22:06:37.0040 0x2670 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:06:37.0041 0x2670 iirsp - ok 22:06:37.0081 0x2670 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 22:06:37.0093 0x2670 IKEEXT - ok 22:06:37.0116 0x2670 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 22:06:37.0118 0x2670 Impcd - ok 22:06:37.0195 0x2670 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:06:37.0228 0x2670 IntcAzAudAddService - ok 22:06:37.0274 0x2670 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:06:37.0279 0x2670 IntcDAud - ok 22:06:37.0302 0x2670 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 22:06:37.0302 0x2670 intelide - ok 22:06:37.0323 0x2670 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:06:37.0324 0x2670 intelppm - ok 22:06:37.0343 0x2670 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:06:37.0345 0x2670 IPBusEnum - ok 22:06:37.0358 0x2670 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:06:37.0360 0x2670 IpFilterDriver - ok 22:06:37.0385 0x2670 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:06:37.0394 0x2670 iphlpsvc - ok 22:06:37.0408 0x2670 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 22:06:37.0409 0x2670 IPMIDRV - ok 22:06:37.0428 0x2670 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:06:37.0429 0x2670 IPNAT - ok 22:06:37.0444 0x2670 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:06:37.0444 0x2670 IRENUM - ok 22:06:37.0456 0x2670 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:06:37.0456 0x2670 isapnp - ok 22:06:37.0482 0x2670 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 22:06:37.0486 0x2670 iScsiPrt - ok 22:06:37.0509 0x2670 [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 22:06:37.0515 0x2670 k57nd60a - ok 22:06:37.0534 0x2670 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 22:06:37.0534 0x2670 kbdclass - ok 22:06:37.0542 0x2670 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 22:06:37.0543 0x2670 kbdhid - ok 22:06:37.0554 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso C:\Windows\system32\lsass.exe 22:06:37.0555 0x2670 KeyIso - ok 22:06:37.0595 0x2670 [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:06:37.0597 0x2670 KSecDD - ok 22:06:37.0614 0x2670 [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:06:37.0616 0x2670 KSecPkg - ok 22:06:37.0705 0x2670 [ EFB2614E9142FA4427CE82EE6DC0CA7B, DE67CED09EA1A3B10BF0F3B22B2675844122783AE2523CE01E0BDE2691FC684A ] KSS C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe 22:06:37.0708 0x2670 KSS - ok 22:06:37.0727 0x2670 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:06:37.0728 0x2670 ksthunk - ok 22:06:37.0762 0x2670 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 22:06:37.0767 0x2670 KtmRm - ok 22:06:37.0802 0x2670 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:06:37.0806 0x2670 LanmanServer - ok 22:06:37.0839 0x2670 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:06:37.0842 0x2670 LanmanWorkstation - ok 22:06:37.0846 0x2670 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:06:37.0847 0x2670 lltdio - ok 22:06:37.0877 0x2670 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:06:37.0882 0x2670 lltdsvc - ok 22:06:37.0898 0x2670 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:06:37.0899 0x2670 lmhosts - ok 22:06:37.0917 0x2670 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 22:06:37.0918 0x2670 LSI_FC - ok 22:06:37.0928 0x2670 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 22:06:37.0930 0x2670 LSI_SAS - ok 22:06:37.0944 0x2670 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 22:06:37.0945 0x2670 LSI_SAS2 - ok 22:06:37.0961 0x2670 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 22:06:37.0963 0x2670 LSI_SCSI - ok 22:06:37.0983 0x2670 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 22:06:37.0984 0x2670 luafv - ok 22:06:38.0022 0x2670 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 22:06:38.0027 0x2670 LVRS64 - ok 22:06:38.0150 0x2670 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 22:06:38.0217 0x2670 LVUVC64 - ok 22:06:38.0242 0x2670 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 22:06:38.0243 0x2670 MBAMProtector - ok 22:06:38.0354 0x2670 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 22:06:38.0370 0x2670 MBAMService - ok 22:06:38.0404 0x2670 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 22:06:38.0405 0x2670 MBAMWebAccessControl - ok 22:06:38.0431 0x2670 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:06:38.0433 0x2670 Mcx2Svc - ok 22:06:38.0450 0x2670 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 22:06:38.0450 0x2670 megasas - ok 22:06:38.0466 0x2670 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 22:06:38.0470 0x2670 MegaSR - ok 22:06:38.0487 0x2670 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 22:06:38.0488 0x2670 MEIx64 - ok 22:06:38.0510 0x2670 [ F9CE67E9E0226079B59107B649851F96, 7A55FB58425F2E59B5D400E85E1B271B84295548B8EDA865F7B8C804CB94563C ] MEMSWEEP2 C:\Windows\system32\F492.tmp 22:06:38.0511 0x2670 MEMSWEEP2 - ok 22:06:38.0530 0x2670 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 22:06:38.0532 0x2670 MMCSS - ok 22:06:38.0558 0x2670 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 22:06:38.0559 0x2670 Modem - ok 22:06:38.0577 0x2670 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:06:38.0578 0x2670 monitor - ok 22:06:38.0586 0x2670 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 22:06:38.0587 0x2670 mouclass - ok 22:06:38.0595 0x2670 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:06:38.0595 0x2670 mouhid - ok 22:06:38.0639 0x2670 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:06:38.0641 0x2670 mountmgr - ok 22:06:38.0645 0x2670 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 22:06:38.0648 0x2670 mpio - ok 22:06:38.0660 0x2670 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:06:38.0661 0x2670 mpsdrv - ok 22:06:38.0697 0x2670 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:06:38.0709 0x2670 MpsSvc - ok 22:06:38.0733 0x2670 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:06:38.0735 0x2670 MRxDAV - ok 22:06:38.0773 0x2670 [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:06:38.0775 0x2670 mrxsmb - ok 22:06:38.0822 0x2670 [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:06:38.0827 0x2670 mrxsmb10 - ok 22:06:38.0861 0x2670 [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:06:38.0863 0x2670 mrxsmb20 - ok 22:06:38.0885 0x2670 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 22:06:38.0886 0x2670 msahci - ok 22:06:38.0890 0x2670 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 22:06:38.0893 0x2670 msdsm - ok 22:06:38.0916 0x2670 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 22:06:38.0919 0x2670 MSDTC - ok 22:06:38.0933 0x2670 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:06:38.0934 0x2670 Msfs - ok 22:06:38.0948 0x2670 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:06:38.0949 0x2670 mshidkmdf - ok 22:06:38.0968 0x2670 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:06:38.0968 0x2670 msisadrv - ok 22:06:38.0995 0x2670 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:06:38.0998 0x2670 MSiSCSI - ok 22:06:39.0000 0x2670 msiserver - ok 22:06:39.0008 0x2670 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:06:39.0008 0x2670 MSKSSRV - ok 22:06:39.0020 0x2670 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:06:39.0020 0x2670 MSPCLOCK - ok 22:06:39.0031 0x2670 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:06:39.0031 0x2670 MSPQM - ok 22:06:39.0050 0x2670 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 22:06:39.0056 0x2670 MsRPC - ok 22:06:39.0075 0x2670 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 22:06:39.0076 0x2670 mssmbios - ok 22:06:39.0086 0x2670 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:06:39.0086 0x2670 MSTEE - ok 22:06:39.0101 0x2670 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 22:06:39.0102 0x2670 MTConfig - ok 22:06:39.0109 0x2670 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 22:06:39.0110 0x2670 Mup - ok 22:06:39.0134 0x2670 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 22:06:39.0141 0x2670 napagent - ok 22:06:39.0166 0x2670 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 22:06:39.0171 0x2670 NativeWifiP - ok 22:06:39.0213 0x2670 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 22:06:39.0226 0x2670 NDIS - ok 22:06:39.0255 0x2670 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 22:06:39.0255 0x2670 NdisCap - ok 22:06:39.0279 0x2670 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 22:06:39.0280 0x2670 NdisTapi - ok 22:06:39.0318 0x2670 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 22:06:39.0319 0x2670 Ndisuio - ok 22:06:39.0337 0x2670 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 22:06:39.0339 0x2670 NdisWan - ok 22:06:39.0356 0x2670 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 22:06:39.0357 0x2670 NDProxy - ok 22:06:39.0360 0x2670 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 22:06:39.0361 0x2670 NetBIOS - ok 22:06:39.0379 0x2670 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 22:06:39.0383 0x2670 NetBT - ok 22:06:39.0385 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon C:\Windows\system32\lsass.exe 22:06:39.0387 0x2670 Netlogon - ok 22:06:39.0412 0x2670 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 22:06:39.0417 0x2670 Netman - ok 22:06:39.0453 0x2670 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:06:39.0456 0x2670 NetMsmqActivator - ok 22:06:39.0468 0x2670 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:06:39.0470 0x2670 NetPipeActivator - ok 22:06:39.0494 0x2670 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 22:06:39.0501 0x2670 netprofm - ok 22:06:39.0504 0x2670 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:06:39.0507 0x2670 NetTcpActivator - ok 22:06:39.0510 0x2670 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:06:39.0512 0x2670 NetTcpPortSharing - ok 22:06:39.0527 0x2670 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 22:06:39.0527 0x2670 nfrd960 - ok 22:06:39.0574 0x2670 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 22:06:39.0579 0x2670 NlaSvc - ok 22:06:39.0603 0x2670 [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 22:06:39.0603 0x2670 nmwcd - ok 22:06:39.0623 0x2670 [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 22:06:39.0624 0x2670 nmwcdc - ok 22:06:39.0724 0x2670 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe 22:06:39.0763 0x2670 NOBU - ok 22:06:39.0770 0x2670 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 22:06:39.0771 0x2670 Npfs - ok 22:06:39.0801 0x2670 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 22:06:39.0802 0x2670 nsi - ok 22:06:39.0804 0x2670 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 22:06:39.0805 0x2670 nsiproxy - ok 22:06:39.0864 0x2670 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 22:06:39.0887 0x2670 Ntfs - ok 22:06:39.0893 0x2670 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 22:06:39.0894 0x2670 Null - ok 22:06:39.0907 0x2670 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 22:06:39.0909 0x2670 nvraid - ok 22:06:39.0937 0x2670 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 22:06:39.0940 0x2670 nvstor - ok 22:06:39.0957 0x2670 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 22:06:39.0959 0x2670 nv_agp - ok 22:06:39.0975 0x2670 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 22:06:39.0976 0x2670 ohci1394 - ok 22:06:40.0014 0x2670 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:06:40.0016 0x2670 ose - ok 22:06:40.0162 0x2670 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 22:06:40.0230 0x2670 osppsvc - ok 22:06:40.0256 0x2670 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 22:06:40.0261 0x2670 p2pimsvc - ok 22:06:40.0289 0x2670 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 22:06:40.0296 0x2670 p2psvc - ok 22:06:40.0307 0x2670 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 22:06:40.0309 0x2670 Parport - ok 22:06:40.0324 0x2670 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 22:06:40.0326 0x2670 partmgr - ok 22:06:40.0369 0x2670 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 22:06:40.0372 0x2670 PcaSvc - ok 22:06:40.0385 0x2670 [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 22:06:40.0386 0x2670 pccsmcfd - ok 22:06:40.0409 0x2670 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 22:06:40.0411 0x2670 pci - ok 22:06:40.0438 0x2670 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 22:06:40.0439 0x2670 pciide - ok 22:06:40.0456 0x2670 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 22:06:40.0459 0x2670 pcmcia - ok 22:06:40.0471 0x2670 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 22:06:40.0472 0x2670 pcw - ok 22:06:40.0540 0x2670 [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 22:06:40.0558 0x2670 PDF Architect Helper Service - ok 22:06:40.0597 0x2670 [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 22:06:40.0608 0x2670 PDF Architect Service - ok 22:06:40.0664 0x2670 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 22:06:40.0673 0x2670 PEAUTH - ok 22:06:40.0715 0x2670 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 22:06:40.0716 0x2670 PerfHost - ok 22:06:40.0766 0x2670 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 22:06:40.0786 0x2670 pla - ok 22:06:40.0815 0x2670 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 22:06:40.0821 0x2670 PlugPlay - ok 22:06:40.0845 0x2670 [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys 22:06:40.0846 0x2670 pmxdrv - ok 22:06:40.0854 0x2670 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 22:06:40.0855 0x2670 PNRPAutoReg - ok 22:06:40.0878 0x2670 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 22:06:40.0883 0x2670 PNRPsvc - ok 22:06:40.0920 0x2670 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 22:06:40.0927 0x2670 PolicyAgent - ok 22:06:40.0938 0x2670 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 22:06:40.0941 0x2670 Power - ok 22:06:40.0951 0x2670 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 22:06:40.0953 0x2670 PptpMiniport - ok 22:06:40.0968 0x2670 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 22:06:40.0969 0x2670 Processor - ok 22:06:41.0013 0x2670 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 22:06:41.0016 0x2670 ProfSvc - ok 22:06:41.0019 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe 22:06:41.0020 0x2670 ProtectedStorage - ok 22:06:41.0038 0x2670 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 22:06:41.0040 0x2670 Psched - ok 22:06:41.0076 0x2670 [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys 22:06:41.0077 0x2670 PSKMAD - ok 22:06:41.0101 0x2670 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 22:06:41.0102 0x2670 PxHlpa64 - ok 22:06:41.0147 0x2670 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 22:06:41.0168 0x2670 ql2300 - ok 22:06:41.0184 0x2670 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 22:06:41.0201 0x2670 ql40xx - ok 22:06:41.0227 0x2670 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 22:06:41.0232 0x2670 QWAVE - ok 22:06:41.0244 0x2670 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 22:06:41.0245 0x2670 QWAVEdrv - ok 22:06:41.0351 0x2670 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 22:06:41.0355 0x2670 RapiMgr - ok 22:06:41.0367 0x2670 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 22:06:41.0368 0x2670 RasAcd - ok 22:06:41.0381 0x2670 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 22:06:41.0383 0x2670 RasAgileVpn - ok 22:06:41.0403 0x2670 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 22:06:41.0405 0x2670 RasAuto - ok 22:06:41.0416 0x2670 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 22:06:41.0418 0x2670 Rasl2tp - ok 22:06:41.0457 0x2670 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 22:06:41.0463 0x2670 RasMan - ok 22:06:41.0471 0x2670 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 22:06:41.0472 0x2670 RasPppoe - ok 22:06:41.0485 0x2670 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 22:06:41.0486 0x2670 RasSstp - ok 22:06:41.0509 0x2670 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 22:06:41.0514 0x2670 rdbss - ok 22:06:41.0531 0x2670 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 22:06:41.0532 0x2670 rdpbus - ok 22:06:41.0544 0x2670 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 22:06:41.0544 0x2670 RDPCDD - ok 22:06:41.0547 0x2670 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 22:06:41.0547 0x2670 RDPENCDD - ok 22:06:41.0558 0x2670 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 22:06:41.0558 0x2670 RDPREFMP - ok 22:06:41.0628 0x2670 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 22:06:41.0629 0x2670 RdpVideoMiniport - ok 22:06:41.0665 0x2670 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 22:06:41.0669 0x2670 RDPWD - ok 22:06:41.0689 0x2670 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 22:06:41.0692 0x2670 rdyboost - ok 22:06:41.0708 0x2670 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 22:06:41.0710 0x2670 RemoteAccess - ok 22:06:41.0725 0x2670 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 22:06:41.0728 0x2670 RemoteRegistry - ok 22:06:41.0761 0x2670 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 22:06:41.0763 0x2670 RFCOMM - ok 22:06:41.0855 0x2670 [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 22:06:41.0870 0x2670 RoxMediaDB12OEM - ok 22:06:41.0894 0x2670 [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 22:06:41.0897 0x2670 RoxWatch12 - ok 22:06:41.0915 0x2670 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 22:06:41.0917 0x2670 RpcEptMapper - ok 22:06:41.0929 0x2670 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 22:06:41.0929 0x2670 RpcLocator - ok 22:06:41.0945 0x2670 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 22:06:41.0953 0x2670 RpcSs - ok 22:06:41.0965 0x2670 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 22:06:41.0966 0x2670 rspndr - ok 22:06:41.0968 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs C:\Windows\system32\lsass.exe 22:06:41.0970 0x2670 SamSs - ok 22:06:41.0981 0x2670 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 22:06:41.0983 0x2670 sbp2port - ok 22:06:41.0988 0x2670 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 22:06:41.0992 0x2670 SCardSvr - ok 22:06:42.0004 0x2670 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 22:06:42.0005 0x2670 scfilter - ok 22:06:42.0044 0x2670 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 22:06:42.0060 0x2670 Schedule - ok 22:06:42.0090 0x2670 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 22:06:42.0092 0x2670 SCPolicySvc - ok 22:06:42.0101 0x2670 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 22:06:42.0104 0x2670 SDRSVC - ok 22:06:42.0203 0x2670 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 22:06:42.0227 0x2670 SDScannerService - ok 22:06:42.0283 0x2670 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 22:06:42.0311 0x2670 SDUpdateService - ok 22:06:42.0331 0x2670 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 22:06:42.0334 0x2670 SDWSCService - ok 22:06:42.0351 0x2670 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 22:06:42.0351 0x2670 secdrv - ok 22:06:42.0369 0x2670 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 22:06:42.0370 0x2670 seclogon - ok 22:06:42.0374 0x2670 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 22:06:42.0376 0x2670 SENS - ok 22:06:42.0382 0x2670 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 22:06:42.0383 0x2670 SensrSvc - ok 22:06:42.0394 0x2670 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 22:06:42.0394 0x2670 Serenum - ok 22:06:42.0410 0x2670 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 22:06:42.0411 0x2670 Serial - ok 22:06:42.0421 0x2670 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 22:06:42.0422 0x2670 sermouse - ok 22:06:42.0477 0x2670 [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 22:06:42.0487 0x2670 ServiceLayer - ok 22:06:42.0504 0x2670 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 22:06:42.0507 0x2670 SessionEnv - ok 22:06:42.0529 0x2670 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 22:06:42.0529 0x2670 sffdisk - ok 22:06:42.0540 0x2670 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 22:06:42.0540 0x2670 sffp_mmc - ok 22:06:42.0548 0x2670 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 22:06:42.0548 0x2670 sffp_sd - ok 22:06:42.0564 0x2670 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 22:06:42.0564 0x2670 sfloppy - ok 22:06:42.0632 0x2670 [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 22:06:42.0642 0x2670 SftService - ok 22:06:42.0681 0x2670 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 22:06:42.0687 0x2670 SharedAccess - ok 22:06:42.0713 0x2670 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 22:06:42.0718 0x2670 ShellHWDetection - ok 22:06:42.0733 0x2670 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 22:06:42.0734 0x2670 SiSRaid2 - ok 22:06:42.0746 0x2670 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 22:06:42.0747 0x2670 SiSRaid4 - ok 22:06:42.0845 0x2670 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 22:06:42.0850 0x2670 SkypeUpdate - ok 22:06:42.0877 0x2670 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 22:06:42.0878 0x2670 Smb - ok 22:06:42.0882 0x2670 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 22:06:42.0883 0x2670 SNMPTRAP - ok 22:06:42.0899 0x2670 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 22:06:42.0900 0x2670 spldr - ok 22:06:42.0960 0x2670 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 22:06:42.0969 0x2670 Spooler - ok 22:06:43.0059 0x2670 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 22:06:43.0108 0x2670 sppsvc - ok 22:06:43.0134 0x2670 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 22:06:43.0136 0x2670 sppuinotify - ok 22:06:43.0168 0x2670 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 22:06:43.0175 0x2670 srv - ok 22:06:43.0210 0x2670 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 22:06:43.0216 0x2670 srv2 - ok 22:06:43.0249 0x2670 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 22:06:43.0252 0x2670 srvnet - ok 22:06:43.0258 0x2670 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 22:06:43.0261 0x2670 SSDPSRV - ok 22:06:43.0272 0x2670 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 22:06:43.0274 0x2670 SstpSvc - ok 22:06:43.0287 0x2670 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 22:06:43.0288 0x2670 stexstor - ok 22:06:43.0310 0x2670 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 22:06:43.0319 0x2670 stisvc - ok 22:06:43.0349 0x2670 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 22:06:43.0350 0x2670 stllssvr - ok 22:06:43.0366 0x2670 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 22:06:43.0367 0x2670 swenum - ok 22:06:43.0389 0x2670 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 22:06:43.0397 0x2670 swprv - ok 22:06:43.0468 0x2670 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 22:06:43.0492 0x2670 SysMain - ok 22:06:43.0507 0x2670 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 22:06:43.0509 0x2670 TabletInputService - ok 22:06:43.0537 0x2670 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 22:06:43.0542 0x2670 TapiSrv - ok 22:06:43.0546 0x2670 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 22:06:43.0547 0x2670 TBS - ok 22:06:43.0618 0x2670 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 22:06:43.0644 0x2670 Tcpip - ok 22:06:43.0675 0x2670 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 22:06:43.0701 0x2670 TCPIP6 - ok 22:06:43.0726 0x2670 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 22:06:43.0727 0x2670 tcpipreg - ok 22:06:43.0739 0x2670 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 22:06:43.0740 0x2670 TDPIPE - ok 22:06:43.0759 0x2670 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 22:06:43.0759 0x2670 TDTCP - ok 22:06:43.0805 0x2670 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 22:06:43.0806 0x2670 tdx - ok 22:06:43.0812 0x2670 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 22:06:43.0813 0x2670 TermDD - ok 22:06:43.0867 0x2670 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 22:06:43.0877 0x2670 TermService - ok 22:06:43.0884 0x2670 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 22:06:43.0886 0x2670 Themes - ok 22:06:43.0898 0x2670 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 22:06:43.0899 0x2670 THREADORDER - ok 22:06:43.0912 0x2670 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 22:06:43.0914 0x2670 TrkWks - ok 22:06:43.0963 0x2670 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 22:06:43.0966 0x2670 TrustedInstaller - ok 22:06:43.0979 0x2670 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 22:06:43.0979 0x2670 tssecsrv - ok 22:06:44.0016 0x2670 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 22:06:44.0017 0x2670 TsUsbFlt - ok 22:06:44.0046 0x2670 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 22:06:44.0046 0x2670 TsUsbGD - ok 22:06:44.0058 0x2670 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 22:06:44.0060 0x2670 tunnel - ok 22:06:44.0077 0x2670 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 22:06:44.0078 0x2670 uagp35 - ok 22:06:44.0101 0x2670 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 22:06:44.0106 0x2670 udfs - ok 22:06:44.0121 0x2670 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 22:06:44.0123 0x2670 UI0Detect - ok 22:06:44.0132 0x2670 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 22:06:44.0133 0x2670 uliagpkx - ok 22:06:44.0147 0x2670 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 22:06:44.0148 0x2670 umbus - ok 22:06:44.0162 0x2670 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 22:06:44.0162 0x2670 UmPass - ok 22:06:44.0217 0x2670 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 22:06:44.0223 0x2670 UMVPFSrv - ok 22:06:44.0249 0x2670 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 22:06:44.0255 0x2670 upnphost - ok 22:06:44.0280 0x2670 [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 22:06:44.0281 0x2670 upperdev - ok 22:06:44.0309 0x2670 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 22:06:44.0311 0x2670 usbaudio - ok 22:06:44.0333 0x2670 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 22:06:44.0335 0x2670 usbccgp - ok 22:06:44.0356 0x2670 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 22:06:44.0357 0x2670 usbcir - ok 22:06:44.0380 0x2670 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys 22:06:44.0381 0x2670 usbehci - ok 22:06:44.0405 0x2670 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 22:06:44.0410 0x2670 usbhub - ok 22:06:44.0432 0x2670 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 22:06:44.0432 0x2670 usbohci - ok 22:06:44.0444 0x2670 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 22:06:44.0445 0x2670 usbprint - ok 22:06:44.0450 0x2670 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 22:06:44.0450 0x2670 usbscan - ok 22:06:44.0458 0x2670 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 22:06:44.0459 0x2670 usbser - ok 22:06:44.0478 0x2670 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 22:06:44.0478 0x2670 UsbserFilt - ok 22:06:44.0499 0x2670 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:06:44.0500 0x2670 USBSTOR - ok 22:06:44.0517 0x2670 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 22:06:44.0517 0x2670 usbuhci - ok 22:06:44.0542 0x2670 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 22:06:44.0543 0x2670 usb_rndisx - ok 22:06:44.0548 0x2670 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 22:06:44.0550 0x2670 UxSms - ok 22:06:44.0552 0x2670 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc C:\Windows\system32\lsass.exe 22:06:44.0553 0x2670 VaultSvc - ok 22:06:44.0566 0x2670 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 22:06:44.0567 0x2670 vdrvroot - ok 22:06:44.0586 0x2670 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 22:06:44.0594 0x2670 vds - ok 22:06:44.0603 0x2670 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 22:06:44.0603 0x2670 vga - ok 22:06:44.0605 0x2670 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 22:06:44.0606 0x2670 VgaSave - ok 22:06:44.0626 0x2670 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 22:06:44.0629 0x2670 vhdmp - ok 22:06:44.0641 0x2670 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 22:06:44.0642 0x2670 viaide - ok 22:06:44.0664 0x2670 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:06:44.0666 0x2670 volmgr - ok 22:06:44.0682 0x2670 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:06:44.0687 0x2670 volmgrx - ok 22:06:44.0705 0x2670 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:06:44.0709 0x2670 volsnap - ok 22:06:44.0723 0x2670 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 22:06:44.0725 0x2670 vsmraid - ok 22:06:44.0770 0x2670 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 22:06:44.0793 0x2670 VSS - ok 22:06:44.0808 0x2670 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 22:06:44.0808 0x2670 vwifibus - ok 22:06:44.0828 0x2670 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 22:06:44.0834 0x2670 W32Time - ok 22:06:44.0853 0x2670 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 22:06:44.0853 0x2670 WacomPen - ok 22:06:44.0867 0x2670 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:06:44.0869 0x2670 WANARP - ok 22:06:44.0872 0x2670 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:06:44.0874 0x2670 Wanarpv6 - ok 22:06:44.0928 0x2670 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 22:06:44.0949 0x2670 wbengine - ok 22:06:44.0969 0x2670 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:06:44.0973 0x2670 WbioSrvc - ok 22:06:44.0996 0x2670 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 22:06:45.0002 0x2670 WcesComm - ok 22:06:45.0042 0x2670 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:06:45.0047 0x2670 wcncsvc - ok 22:06:45.0063 0x2670 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:06:45.0064 0x2670 WcsPlugInService - ok 22:06:45.0078 0x2670 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 22:06:45.0078 0x2670 Wd - ok 22:06:45.0122 0x2670 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:06:45.0133 0x2670 Wdf01000 - ok 22:06:45.0171 0x2670 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:06:45.0174 0x2670 WdiServiceHost - ok 22:06:45.0195 0x2670 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:06:45.0198 0x2670 WdiSystemHost - ok 22:06:45.0243 0x2670 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 22:06:45.0247 0x2670 WebClient - ok 22:06:45.0261 0x2670 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:06:45.0265 0x2670 Wecsvc - ok 22:06:45.0272 0x2670 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:06:45.0274 0x2670 wercplsupport - ok 22:06:45.0282 0x2670 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 22:06:45.0285 0x2670 WerSvc - ok 22:06:45.0300 0x2670 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:06:45.0301 0x2670 WfpLwf - ok 22:06:45.0328 0x2670 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 22:06:45.0330 0x2670 WimFltr - ok 22:06:45.0339 0x2670 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:06:45.0340 0x2670 WIMMount - ok 22:06:45.0363 0x2670 WinDefend - ok 22:06:45.0366 0x2670 WinHttpAutoProxySvc - ok 22:06:45.0424 0x2670 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:06:45.0428 0x2670 Winmgmt - ok 22:06:45.0512 0x2670 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 22:06:45.0541 0x2670 WinRM - ok 22:06:45.0590 0x2670 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 22:06:45.0603 0x2670 Wlansvc - ok 22:06:45.0655 0x2670 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 22:06:45.0656 0x2670 wlcrasvc - ok 22:06:45.0736 0x2670 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 22:06:45.0767 0x2670 wlidsvc - ok 22:06:45.0778 0x2670 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 22:06:45.0779 0x2670 WmiAcpi - ok 22:06:45.0803 0x2670 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:06:45.0806 0x2670 wmiApSrv - ok 22:06:45.0814 0x2670 WMPNetworkSvc - ok 22:06:45.0822 0x2670 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:06:45.0823 0x2670 WPCSvc - ok 22:06:45.0835 0x2670 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:06:45.0837 0x2670 WPDBusEnum - ok 22:06:45.0848 0x2670 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:06:45.0849 0x2670 ws2ifsl - ok 22:06:45.0852 0x2670 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 22:06:45.0855 0x2670 wscsvc - ok 22:06:45.0857 0x2670 WSearch - ok 22:06:45.0949 0x2670 [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv C:\Windows\system32\wuaueng.dll 22:06:45.0985 0x2670 wuauserv - ok 22:06:46.0000 0x2670 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:06:46.0001 0x2670 WudfPf - ok 22:06:46.0020 0x2670 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:06:46.0023 0x2670 WUDFRd - ok 22:06:46.0049 0x2670 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:06:46.0051 0x2670 wudfsvc - ok 22:06:46.0079 0x2670 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 22:06:46.0083 0x2670 WwanSvc - ok 22:06:46.0089 0x2670 ================ Scan global =============================== 22:06:46.0122 0x2670 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 22:06:46.0162 0x2670 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll 22:06:46.0177 0x2670 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll 22:06:46.0203 0x2670 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 22:06:46.0246 0x2670 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 22:06:46.0252 0x2670 [ Global ] - ok 22:06:46.0252 0x2670 ================ Scan MBR ================================== 22:06:46.0267 0x2670 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 22:06:46.0402 0x2670 \Device\Harddisk0\DR0 - ok 22:06:46.0402 0x2670 ================ Scan VBR ================================== 22:06:46.0404 0x2670 [ 37FD435BE0AA27EB3947661B19EDE7AE ] \Device\Harddisk0\DR0\Partition1 22:06:46.0468 0x2670 \Device\Harddisk0\DR0\Partition1 - ok 22:06:46.0470 0x2670 [ 953A27EC4B468FC9629B098EFA1555A8 ] \Device\Harddisk0\DR0\Partition2 22:06:46.0524 0x2670 \Device\Harddisk0\DR0\Partition2 - ok 22:06:46.0524 0x2670 ================ Scan generic autorun ====================== 22:06:46.0779 0x2670 [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 22:06:46.0924 0x2670 RtHDVCpl - ok 22:06:46.0950 0x2670 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe 22:06:46.0952 0x2670 RunDLLEntry_THXCfg - ok 22:06:46.0954 0x2670 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe 22:06:46.0956 0x2670 RunDLLEntry_EptMon - ok 22:06:46.0985 0x2670 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 22:06:46.0994 0x2670 Windows Mobile Device Center - ok 22:06:47.0021 0x2670 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 22:06:47.0025 0x2670 IAStorIcon - ok 22:06:47.0055 0x2670 [ 49916F80B1CCE8B80477999921ED14E4, 9AFB9F53FF642BB19F1BE7B3073EC96C59F22D50BF935846E3622D56A414211B ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe 22:06:47.0059 0x2670 ShwiconXP9106 - ok 22:06:47.0134 0x2670 [ 2A5E8DBC310C2FB7511B9AB8E7CFB297, F9522B42BAA4A3B5D325385C8AB7BBDE549AB6420D0F430925A22C61C09FE5B2 ] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe 22:06:47.0147 0x2670 THX Audio Control Panel - ok 22:06:47.0170 0x2670 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE 22:06:47.0172 0x2670 UpdReg - ok 22:06:47.0257 0x2670 [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe 22:06:47.0258 0x2670 RemoteControl9 - ok 22:06:47.0313 0x2670 [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe 22:06:47.0314 0x2670 PDVD9LanguageShortcut - ok 22:06:47.0335 0x2670 [ 845BA1CEFFD99B178345E2A5A2CC435C, 7539796035A97DF9B1EEAB23ADC0F2385EBD2A5E11EE72E8DDF76CD14A24DD18 ] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe 22:06:47.0336 0x2670 BDRegion - ok 22:06:47.0417 0x2670 [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe 22:06:47.0432 0x2670 Dell DataSafe Online - ok 22:06:47.0487 0x2670 [ 1196380F7BC5A83193BE66594193C20B, 1CDA7C838548C8B3A92F72643A129C077E3AB0E5EBBC2112A7C22CE3E3A81007 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe 22:06:47.0487 0x2670 Adobe Reader Speed Launcher - ok 22:06:47.0522 0x2670 [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe 22:06:47.0524 0x2670 Launcher - ok 22:06:47.0589 0x2670 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:06:47.0605 0x2670 Sidebar - ok 22:06:47.0632 0x2670 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:06:47.0634 0x2670 mctadmin - ok 22:06:47.0662 0x2670 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:06:47.0678 0x2670 Sidebar - ok 22:06:47.0689 0x2670 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:06:47.0691 0x2670 mctadmin - ok 22:06:47.0774 0x2670 [ 16DEFCB5F3FAC44D5EB35B19DA337FE5, CE8531B8FBA4896D4A1AB0C5CCEFC5DF0C74063D717EC9BA386B4E25D7F93651 ] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe 22:06:47.0783 0x2670 CAHeadless - ok 22:06:47.0928 0x2670 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:06:48.0010 0x2670 Logitech Vid - ok 22:06:48.0015 0x2670 msnmsgr - ok 22:06:48.0107 0x2670 [ 35F8F5B393DBBD9A509868E2012795FA, 315BF201051FBBDA0A2A5DAC308F51E6642870B07DD514AB60B2C8B2A580E9BB ] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 22:06:48.0121 0x2670 NokiaSuite.exe - ok 22:06:48.0180 0x2670 [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe 22:06:48.0190 0x2670 DataSync Outlook - ok 22:06:48.0248 0x2670 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 22:06:48.0268 0x2670 Sidebar - ok 22:06:48.0386 0x2670 [ D8470A716BE1C02A81F5AD704D43D334, DA2E76AFB6C0F0111CC5B3A83B331D2BCA54CC78C56128D2B90B86FC89E7EAA7 ] C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 22:06:48.0427 0x2670 Amazon Cloud Player - ok 22:06:48.0598 0x2670 [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe 22:06:48.0696 0x2670 CCleaner Monitoring - ok 22:06:48.0770 0x2670 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 22:06:48.0783 0x2670 SpybotPostWindows10UpgradeReInstall - ok 22:06:48.0911 0x2670 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:06:48.0993 0x2670 Logitech Vid - ok 22:06:49.0021 0x2670 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 22:06:49.0041 0x2670 Sidebar - ok 22:06:49.0148 0x2670 [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe 22:06:49.0230 0x2670 Logitech Vid - ok 22:06:49.0268 0x2670 [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe 22:06:49.0277 0x2670 DataSync Outlook - ok 22:06:49.0281 0x2670 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated ) 22:06:49.0282 0x2670 Win FW state via NFP2: enabled ( trusted ) 22:06:51.0629 0x2670 ============================================================ 22:06:51.0629 0x2670 Scan finished 22:06:51.0629 0x2670 ============================================================ 22:06:51.0632 0x2288 Detected object count: 0 22:06:51.0632 0x2288 Actual detected object count: 0 So viel für Heute. Gruß! günni42 |
|
17.08.2015, 14:55
| #5 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt? hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.08.2015, 15:59
| #6 |
| | Email- Konto gehackt? Hallo schrauber, bei mir dauert's immer etwas länger, nachdem ich den Schalter zum Deaktivieren von Spybot S&D nicht gefunden habe, habe ich das PGM deinstalliert. Combofix hat ca. 30 Min. gebraucht. Hier der Log Code:
ATTFilter ComboFix 15-08-17.01 - Admi_günter 17.08.2015 16:25:41.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.5373 [GMT 2:00]
ausgeführt von:: c:\users\G³nter\Downloads\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3mj1ol.bat
c:\programdata\3mj1ol.pad
c:\programdata\PCDr\6664\AddOnDownloaded\2c507aa3-5c72-4011-b9e1-3928beb6f336.dll
c:\programdata\PCDr\6664\AddOnDownloaded\2ed4ce9e-0dff-4595-a0aa-f3e3b671fddc.dll
c:\programdata\PCDr\6664\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
c:\programdata\PCDr\6664\AddOnDownloaded\459715e4-d2b9-4b1d-9abd-b72ddc2c69b1.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4628ddf8-b4cb-4445-b869-56cb92eae20b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\48db0c93-e691-44fc-9c6b-a61e60525cfe.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4cb05034-365d-4b59-a070-5750405458b0.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4e3bd962-072e-42a0-8ffb-faf4fbf06230.dll
c:\programdata\PCDr\6664\AddOnDownloaded\526d8043-c04a-458e-b41c-9f0b037eb5ab.dll
c:\programdata\PCDr\6664\AddOnDownloaded\5d59ed02-c0da-4e0e-8811-16a3d0b6a87d.dll
c:\programdata\PCDr\6664\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
c:\programdata\PCDr\6664\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
c:\programdata\PCDr\6664\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
c:\programdata\PCDr\6664\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
c:\programdata\PCDr\6664\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
c:\programdata\PCDr\6664\AddOnDownloaded\909c2f24-5974-42a7-a041-bbc7c1411046.dll
c:\programdata\PCDr\6664\AddOnDownloaded\943fb1bd-a66d-43d4-943d-6261ebf98050.dll
c:\programdata\PCDr\6664\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
c:\programdata\PCDr\6664\AddOnDownloaded\964840d8-cf70-45c0-a3db-802e021f9658.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9b664440-a1fb-457f-a208-c519fea54f87.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9b6e4d67-f75b-40b4-bfb0-bc8d902f62eb.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9bf708b5-617d-4352-8ecd-ff95912dcb95.dll
c:\programdata\PCDr\6664\AddOnDownloaded\a7a4f473-8998-4029-be3e-f4280478bd6b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ac83e4d3-2f37-4679-a3b4-b7f5aa568264.dll
c:\programdata\PCDr\6664\AddOnDownloaded\b4e7e391-8ff3-4363-bb72-f41a243749b1.dll
c:\programdata\PCDr\6664\AddOnDownloaded\b9f9154e-1581-4a2a-a195-eeb46e9e239b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\bb97e28d-bdfb-4fa4-902d-264275c5cb1b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c6528f35-d623-4e84-a9b2-58ecb22dabd4.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c746a3b1-ed0c-4bff-941c-d5e6f0583ce7.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c749e834-df0f-483e-9946-33435f37c240.dll
c:\programdata\PCDr\6664\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ef32b2f9-e518-400c-8172-d1a06ae9d208.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
c:\windows\SysWow64\csftxctl.ocx
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-17 bis 2015-08-17 ))))))))))))))))))))))))))))))
.
.
2015-08-17 14:36 . 2015-08-17 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-17 14:36 . 2015-08-17 14:36 -------- d-----w- c:\users\Christine\AppData\Local\temp
2015-08-17 14:36 . 2015-08-17 14:36 -------- d-----w- c:\users\Admi_günter\AppData\Local\temp
2015-08-16 18:20 . 2015-08-16 19:27 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-15 16:36 . 2015-08-15 16:47 -------- d-----w- C:\FRST
2015-08-15 15:46 . 2015-08-15 15:46 -------- d-----w- c:\program files\Common Files\AV
2015-08-12 20:02 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 20:02 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:30 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll
2015-08-12 06:30 . 2015-07-28 20:05 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-08-12 06:30 . 2015-07-28 20:05 437760 ----a-w- c:\windows\system32\devinv.dll
2015-08-12 06:30 . 2015-07-28 20:05 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-08-12 06:30 . 2015-07-28 20:05 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-08-12 06:30 . 2015-07-28 19:55 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-08-12 06:30 . 2015-07-28 20:09 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-08-12 06:30 . 2015-07-28 20:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-08-12 06:27 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll
2015-08-12 06:25 . 2015-07-09 17:57 193536 ----a-w- c:\windows\system32\notepad.exe
2015-07-25 21:36 . 2015-07-25 21:36 -------- d-----w- c:\programdata\PC-Doctor for Windows
2015-07-25 21:36 . 2015-07-25 21:36 -------- d-----w- c:\program files\Dell Support Center
2015-07-25 21:36 . 2015-07-25 21:36 -------- d-----w- c:\program files\Dell
2015-07-25 21:28 . 2015-07-25 21:28 -------- d-----w- c:\users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 19:15 . 2015-07-22 19:15 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
2015-07-22 19:15 . 2015-07-22 19:15 -------- d-----w- c:\programdata\iolo
2015-07-22 19:15 . 2015-07-22 19:15 -------- d-----w- c:\program files (x86)\iolo
2015-07-22 16:37 . 2015-07-22 16:37 2689680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-16 18:20 . 2015-03-21 19:38 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-16 18:19 . 2015-03-21 19:38 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-12 19:47 . 2011-06-10 20:26 132483416 ----a-w- c:\windows\system32\MRT.exe
2015-08-12 17:05 . 2012-04-09 08:39 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-12 17:05 . 2011-06-19 12:29 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-28 11:19 . 2015-01-24 16:21 162528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-07-28 11:19 . 2015-01-24 16:21 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-07-15 17:54 . 2015-08-12 06:28 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-04 18:07 . 2015-07-15 01:36 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-15 01:36 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-06-23 23:29 . 2015-06-23 23:29 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-06-18 06:41 . 2015-03-21 19:38 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2015-03-21 19:38 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-17 17:47 . 2015-07-15 01:37 404992 ----a-w- c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-15 01:37 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-06-16 22:23 . 2015-06-16 22:23 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2015-06-15 21:50 . 2015-07-15 01:36 112064 ----a-w- c:\windows\system32\consent.exe
2015-06-15 21:45 . 2015-07-15 01:36 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-06-15 21:45 . 2015-07-15 01:36 3242496 ----a-w- c:\windows\system32\msi.dll
2015-06-15 21:45 . 2015-07-15 01:36 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-06-15 21:45 . 2015-07-15 01:36 1941504 ----a-w- c:\windows\system32\authui.dll
2015-06-15 21:44 . 2015-07-15 01:36 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-06-15 21:43 . 2015-07-15 01:36 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-06-15 21:43 . 2015-07-15 01:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-06-15 21:43 . 2015-07-15 01:36 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-06-15 21:42 . 2015-07-15 01:36 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-06-15 21:42 . 2015-07-15 01:36 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-06-15 21:37 . 2015-07-15 01:36 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-06-09 18:03 . 2015-07-15 01:37 3180544 ----a-w- c:\windows\system32\rdpcorets.dll
2015-06-09 18:03 . 2015-07-15 01:37 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-06-02 00:07 . 2015-07-15 01:37 254976 ----a-w- c:\windows\system32\cewmdm.dll
2015-06-01 23:47 . 2015-07-15 01:37 210432 ----a-w- c:\windows\SysWow64\cewmdm.dll
2015-05-25 18:19 . 2015-06-10 05:28 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 05:28 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 05:28 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:18 . 2015-06-10 05:28 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 05:28 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 05:28 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 05:28 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 05:28 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 05:28 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:01 . 2015-06-10 05:28 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 05:28 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 05:28 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:00 . 2015-06-10 05:28 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 05:28 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 05:28 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 05:28 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 05:28 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:00 . 2015-06-10 05:28 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-21 13:19 . 2015-06-05 07:40 193536 ----a-w- c:\windows\system32\aepic.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DataSync Outlook"="c:\program files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe" [2009-12-07 720896]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
"KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2014-06-15 202080]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-27 75048]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2015-06-26 40336]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-07-28 782008]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-07-02 134368]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-11 163040]
.
c:\users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-21 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/06/07 16:33;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys;c:\windows\SYSNATIVE\DRIVERS\cjusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\F492.tmp;c:\windows\SYSNATIVE\F492.tmp [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 KSS;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 17:05]
.
2015-08-16 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df64.exe [2014-02-05 09:22]
.
2015-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 17:16]
.
2015-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 17:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://ixquick.com/deu/?
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uSearchAssistant = www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk - c:\program files (x86)\Versandhelfer\Versandhelfer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-OpenFietsMap (BNL) - c:\garmin\Openstreetmap\OpenFietsMap\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\F492.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-08-17 16:49:34
ComboFix-quarantined-files.txt 2015-08-17 14:49
.
Vor Suchlauf: 18 Verzeichnis(se), 1.699.407.564.800 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 1.698.954.952.704 Bytes frei
.
- - End Of File - - 39B74F2D05ECF13F2A9107D56613DED6
Gruß! - günni42 |
|
18.08.2015, 09:50
| #7 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.08.2015, 18:54
| #8 |
| | Email- Konto gehackt? Hallo schrauber, heute Nacht waren wieder ein paar Mails unterwegs. Aber ich hab' meine Hausaufgaben gemacht - hoffentlich so wie Du es Dir wünscht - und dann werden wir sicher ein Stück weiter kommen. MBAM Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.08.2015 Suchlaufzeit: 15:58 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.18.04 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Admi_günter Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 564563 Abgelaufene Zeit: 16 Min., 16 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) 'Line 16270 (File "C:\...\AdwCleaner_5.001.exe"): Error: Variable used without being declared.' Aber den log konnte ich dann doch noch finden: Code:
ATTFilter # AdwCleaner v5.001 - Bericht erstellt 18/08/2015 um 16:39:06
# Aktualisiert 17/08/2015 von Xplode
# Datenbank : 2015-08-16.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Admi_günter - RECHNER_***
# Gestarted von : C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\PC Drivers HeadQuarters
[-] Ordner Gelöscht : C:\Users\Admi_günter\AppData\Local\PC_Drivers_Headquarters
[-] Ordner Gelöscht : C:\Users\Admi_günter\AppData\Roaming\pdfforge
[-] Ordner Gelöscht : C:\Users\Günter\AppData\LocalLow\weDownload Manager Pro
[-] Ordner Gelöscht : C:\Users\Günter\AppData\Roaming\pdfforge
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E935E8C2-8F33-448E-8292-885736E481FE}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E935E8C2-8F33-448E-8292-885736E481FE}
***** [ Internetbrowser ] *****
[-] [C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com
[-] [C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
########## EOF - \AdwCleaner[C1].txt - [6273 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Admi_gnter on 18.08.2015 at 17:06:35,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
~~~ Files
Successfully deleted: [File] C:\Users\Admi_gnter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\search.lnk
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\esellerate
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.08.2015 at 17:08:23,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Admi_günter (Administrator) auf RECHNER_*** (18-08-2015 17:22:13)
Gestartet von C:\Users\Günter\Downloads
Geladene Profile: Günter & Admi_günter & (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 17:14 - 2015-08-18 17:14 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:57 - 2015-08-18 16:57 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Günter\Downloads\JRT.exe
2015-08-18 16:43 - 2015-08-18 16:43 - 00001201 _____ C:\Users\Günter\Downloads\Downloads - Verknüpfung (2).lnk
2015-08-18 16:39 - 2015-08-18 16:39 - 00006387 _____ C:\AdwCleaner[C1].txt
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-18 16:36 - 2015-08-18 16:36 - 00006879 _____ C:\AdwCleaner[S1].txt
2015-08-18 16:31 - 2015-08-18 16:31 - 01573888 _____ C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
2015-08-18 15:50 - 2015-08-18 15:50 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Günter\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-17 15:58 - 2015-08-17 15:58 - 05635195 ____R (Swearware) C:\Users\Günter\Downloads\ComboFix.exe
2015-08-16 22:01 - 2015-08-16 22:01 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Günter\Downloads\tdsskiller.exe
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-16 18:51 - 2015-08-16 18:51 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Günter\Downloads\mbar-1.09.1.1004.exe
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\Avira.lnk
2015-08-15 19:02 - 2015-08-15 19:02 - 00380416 _____ C:\Users\Günter\Downloads\hz1tj6o4.exe
2015-08-15 18:57 - 2015-08-15 18:57 - 00380416 _____ C:\Users\Günter\Downloads\Gmer-19357.exe
2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt
2015-08-15 18:37 - 2015-08-18 17:22 - 00024731 _____ C:\Users\Günter\Downloads\FRST.txt
2015-08-15 18:36 - 2015-08-18 17:22 - 00000000 ____D C:\FRST
2015-08-15 18:30 - 2015-08-18 17:14 - 02173440 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 17:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-18 16:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 16:39 - 2011-06-12 17:32 - 00001011 _____ C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-18 15:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:45 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-18 10:14 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-18 10:09 - 2011-06-07 16:17 - 01889368 _____ C:\Windows\WindowsUpdate.log
2015-08-18 09:59 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-18 09:58 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-18 09:58 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-18 09:58 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 09:57 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-18 09:51 - 2015-04-11 07:14 - 00009129 _____ C:\Windows\setupact.log
2015-08-18 09:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-17 21:11 - 2015-04-26 16:55 - 00027168 _____ C:\Windows\PFRO.log
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-17 07:24 - 2012-05-06 17:30 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C33D8848-18DE-459E-8709-DEAC61BCC9A7}
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 20:56 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter\AppData\Local\SoftThinks
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-08-01 00:16 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-07-31 22:44 - 2011-06-14 21:28 - 00000064 _____ C:\Windows\control.ini
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache
2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache
2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache
2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg
Einige Dateien in TEMP:
====================
C:\Users\Admi_günter\AppData\Local\temp\sqlite3.dll
C:\Users\Günter\AppData\Local\temp\avgnt.exe
C:\Users\Günter\AppData\Local\temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-14 14:09
==================== Ende von Ergebnis ============================
Gruß! - günni42 |
|
19.08.2015, 08:40
| #9 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt?ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.08.2015, 00:27
| #10 |
| | Email- Konto gehackt? Hallo Schrauber, heute Nacht, also vor dem ESET- Scan, wurden wieder etliche Mails verschickt, bzw. vom Mailer Daemon zurückgeschickt (wg. SPAM). Code:
ATTFilter Von Betreff Erhalten Größe Kategorien
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 11 KB
*******@t-online.de *SPAM* Fw: important Di 23:03 30 KB
*******@t-online.de *SPAM* Fw: important Di 23:03 30 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 14 KB
Mail Delivery System Mail Delivery Failure Di 23:03 11 KB
*******@t-online.de *SPAM* Fw: important Di 23:03 30 KB
*******@t-online.de *SPAM* Fw: important Di 23:03 30 KB
Pauline *SPAM* Fw: important Di 23:03 10 KB
Mail Delivery System Undelivered Mail Returned to Sender Di 23:03 51 KB
*****@t-online.de *SPAM* Fw: important Di 3:13 15 KB
Mail Delivery System *SPAM* Mail konnte nicht zugestellt werden / Undelivered Mail Returned to Sender Di 3:13 64 KB
Mail Delivery Service Delivery Status Notification Di 3:11 32 KB
Mail Delivery Service Delivery Status Notification Di 3:11 38 KB
*******@t-online.de *SPAM* Fw: important Di 3:11 26 KB
Mail Delivery System Mail delivery failed: returning message to sender Di 3:08 31 KB
Pauline *SPAM* Fw: important Di 3:08 11 KB
ESET schickte beim Installationsversuch eine Fehlermeldung: 'Updates funktionieren nicht. Ist ein Proxy eingerichtet?' 'Hinweis: Eset Online Scanner wurde auf diesem Computer bereits ausgeführt. Es werden... ' --- Ach ja: Ich hatte die Internet Verbindung gekappt wg. Deaktivierung von Avira/ Firewall. Nach der Aktualisierung hab' ich wieder den Stecker gezogen. (Ist das ok?). ESET Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# engine=23019
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-22 07:24:14
# local_time=2015-03-22 08:24:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4896095 178638904 0 0
# scanned=26222
# found=0
# cleaned=0
# scan_time=572
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# end=init
# utc_time=2015-08-19 09:38:08
# local_time=2015-08-19 11:38:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
Update Finalize
Updated modules version: 25346
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# end=updated
# utc_time=2015-08-19 10:05:51
# local_time=2015-08-19 12:05:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# engine=25346
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-19 05:08:11
# local_time=2015-08-19 07:08:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 17891132 191633941 0 0
# scanned=679419
# found=30
# cleaned=0
# scan_time=25340
sh=C2CE7FE6ADA46C11A1006F7D4F9E0C4457443393 ft=1 fh=3cf6a2e5af2a0045 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=D7303D8BF9B04401D9BD5E487197290816E42FE1 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip"
sh=FC2B0293AAB3F22D4402CCC0F0805CD3381DCD64 ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip"
sh=F2812205487D126E17F73B07AB0B2D2D270E41D5 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip"
sh=EFFE1DE19E85CBD1C482E14CD448B8FB67974C3C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip"
sh=E25AE9B9A55E600C7FD821B3549EF0395058B13B ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip"
sh=0DB3E2BBFC2E9533D014B3C147BD4501E20E6269 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip"
sh=1283A4CCC148159CD08515CC6BB87CE1884E2F5E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip"
sh=BC73519E747B2A94B82A897D36FCF93378DB884A ft=0 fh=0000000000000000 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip"
sh=23DB09F75970AC738A036CC31487090746ADAA1B ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
‘Trügerischer Absender Deutsche Telekom warnt vor gefährlichem Spam 19.08.2015, 16:02 Uhr | Deutsche Telekom, t-online.de ‘ Security Check Code:
ATTFilter Results of screen317's Security Check version 1.006
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Panda Cloud Cleaner
Adobe Reader 10.1.15 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Admi_günter (Administrator) auf RECHNER_**** (19-08-2015 23:47:08)
Gestartet von C:\Users\Günter\Downloads
Geladene Profile: Günter & Admi_günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-s..-downlevel.binaries_31bf3856ad364e35_6.3.9600.17959_none_5f900bc2ff54de5e\MsSpellCheckingFacility.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\drivers\iaStor.sys [437272 2010-09-14] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R5 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 23:40 - 2015-08-19 23:47 - 00025492 _____ C:\Users\Günter\Downloads\FRST.txt
2015-08-19 23:05 - 2015-08-19 23:05 - 00852684 _____ C:\Users\Günter\Downloads\SecurityCheck.exe
2015-08-19 11:35 - 2015-08-19 11:35 - 02870984 _____ (ESET) C:\Users\Günter\Downloads\esetsmartinstaller_deu.exe
2015-08-19 07:50 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 07:50 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:14 - 2015-08-19 23:40 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:57 - 2015-08-18 16:57 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Günter\Downloads\JRT.exe
2015-08-18 16:43 - 2015-08-18 16:43 - 00001201 _____ C:\Users\Günter\Downloads\Downloads - Verknüpfung (2).lnk
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-18 16:31 - 2015-08-18 16:31 - 01573888 _____ C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
2015-08-18 15:50 - 2015-08-18 15:50 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Günter\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-17 15:58 - 2015-08-17 15:58 - 05635195 ____R (Swearware) C:\Users\Günter\Downloads\ComboFix.exe
2015-08-16 22:01 - 2015-08-16 22:01 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Günter\Downloads\tdsskiller.exe
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-16 18:51 - 2015-08-16 18:51 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Günter\Downloads\mbar-1.09.1.1004.exe
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\Avira.lnk
2015-08-15 19:02 - 2015-08-15 19:02 - 00380416 _____ C:\Users\Günter\Downloads\hz1tj6o4.exe
2015-08-15 18:57 - 2015-08-15 18:57 - 00380416 _____ C:\Users\Günter\Downloads\Gmer-19357.exe
2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt
2015-08-15 18:37 - 2015-08-18 17:22 - 00068935 _____ C:\Users\Günter\Downloads\FRST_150818.txt
2015-08-15 18:36 - 2015-08-19 23:47 - 00000000 ____D C:\FRST
2015-08-15 18:30 - 2015-08-19 23:40 - 02173952 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 23:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-19 23:47 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-19 23:11 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 23:11 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 23:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-19 22:47 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-19 20:11 - 2011-06-07 16:17 - 01950640 _____ C:\Windows\WindowsUpdate.log
2015-08-19 13:17 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-19 11:44 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-19 11:42 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-19 11:42 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-19 11:42 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 07:52 - 2015-04-11 07:14 - 00009465 _____ C:\Windows\setupact.log
2015-08-19 07:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 21:46 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-08-18 21:46 - 2011-06-14 21:28 - 00000063 _____ C:\Windows\control.ini
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 16:39 - 2011-06-12 17:32 - 00001011 _____ C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-17 21:11 - 2015-04-26 16:55 - 00027168 _____ C:\Windows\PFRO.log
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-17 07:24 - 2012-05-06 17:30 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C33D8848-18DE-459E-8709-DEAC61BCC9A7}
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 20:56 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter\AppData\Local\SoftThinks
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache
2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache
2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache
2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg
Einige Dateien in TEMP:
====================
C:\Users\Admi_günter\AppData\Local\temp\sqlite3.dll
C:\Users\Günter\AppData\Local\temp\avgnt.exe
C:\Users\Günter\AppData\Local\temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-14 14:09
==================== Ende von Ergebnis ============================
Gruß! - günni42 |
|
20.08.2015, 15:26
| #11 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt? Adobe updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Passwort zum Account geändert?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.08.2015, 10:35
| #12 |
| | Email- Konto gehackt? Hallo schrauber, ich war bis jetzt anderweitig eingespannt, dann ging mir gestern Abend auch noch der Text meiner Antwort verloren, weil ich erst geschrieben und mich dann erst eingeloggt habe. Nach unseren Bereinigungen arbeitet mein Drucker nicht mehr: die Druckaufträge bleiben in der Warteschlange hängen und kommen offenbar nicht beim Drucker an. Nach einem Neustart des PC's kann es sein, daß ein Druckauftrag ausgeführt (teilweise) wird. Beim Versuch der Aktualisierung des Adobe Reader X bekomme ich die Meldung: ‚Kein Update verfügbar. Installiert: Adobe Reader X (10.1.15) MUI‘ Kann es sein, daß man auf Adobe Acrobat Reader DC wechseln muß und Adobe Reader X nicht mehr gewartet wird? - Ich habe Adobe Reader X erst einmal deinstalliert. (zeitlich nach der Fixlog.txt) Hier Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Admi_günter (2015-08-20 17:33:32) Run:2
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter & Admi_günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
*****************
"C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 320.8 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 17:33:42 ====
Das hat einige Zeit gebraucht, weil ich da erst etwas falsch gemacht habe ("Webkennwort für das Emailcenter" und "Emailpasswort" verwechselt/ vertauscht). Jetzt muß ich die Wirkung abwarten und morgen früh nach unerwünschten Emails forschen. Gruß! - günni42 Hallo schrauber, jetzt hab' ich richtig Bockmist gebaut, entschuldige vielmals: da im Fixlog immer wieder auftauchte '... Ordner nicht gefunden' hab' ich gedacht, ich hätte die Festplatten, während FRST lief, nicht angeschlossen. Deshalb habe ich die Prozedur, ohne groß nachzudenken, wiederholt. Das hätte ich nicht machen sollen und dürfen, ohne Deine Anordnung. Den daraus resultierenden Fixlog hab' ich noch gespeichert und stelle ihn bei Bedarf hier ein. Seitdem gibt's bei Word u. Outlook die Fehlermeldung: 'Die Arbeitsdatei konnte nicht erstellt werden. Überprüfen Sie die Temp- Umgebungsvariable.' In der Hoffnung, daß der Zusatz- Aufwand nicht allzu groß wird. Gruß! - Günter |
|
23.08.2015, 05:57
| #13 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt? Hi, ja Adobe Reader DC installieren. Poste mal das Fixlog sowie ein frisches FRST Log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.08.2015, 07:29
| #14 |
| | Email- Konto gehackt? Guten Tag schrauber, Adobe installieren klappt im Augenblick nicht, es kommt nichts von der Website runter. Oder liegt's an der 'Umgebungsvariable'? Hier das frische FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Günter (ACHTUNG: der angemeldete Benutzer ist kein Administrator) auf RECHNER_RUG (23-08-2015 08:11:34)
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> atiesrxx.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UMVPFSrv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> atieclxx.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> PhotoshopElementsFileAgent.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> btwdins.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> kss.exe
konnte nicht auf den Prozess zugreifen -> NOBuAgent.exe
konnte nicht auf den Prozess zugreifen -> HelperService.exe
konnte nicht auf den Prozess zugreifen -> ConversionService.exe
konnte nicht auf den Prozess zugreifen -> SftService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GoogleCrashHandler.exe
konnte nicht auf den Prozess zugreifen -> GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
konnte nicht auf den Prozess zugreifen -> ServiceLayer.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> OSPPSVC.EXE
konnte nicht auf den Prozess zugreifen -> TrustedInstaller.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe
konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
konnte nicht auf den Prozess zugreifen -> NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\ppGoogleNaClPluginChrome.dll Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\pdf.dll Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\gcswf32.dll Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll Keine Datei
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll Keine Datei
CHR Plugin: (Default Plug-in) - default_plugin Keine Datei
CHR Profile: C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (Gmail) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\drivers\iaStor.sys [437272 2010-09-14] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-23] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-23] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R5 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-22 18:00 - 2015-08-22 18:03 - 00001146 _____ C:\Users\Günter\Desktop\Finanzamt - Verknüpfung (2).lnk
2015-08-21 23:15 - 2015-08-21 23:15 - 00001747 _____ C:\Users\Günter\Desktop\Spam_Probleme_150815 - Verknüpfung.lnk
2015-08-21 23:15 - 2015-08-21 23:15 - 00001747 _____ C:\Users\Günter\Desktop\Spam_Probleme_150815 - Verknüpfung (2).lnk
2015-08-21 21:36 - 2015-08-21 21:36 - 28754952 _____ (pdfforge GmbH) C:\Users\Günter\Downloads\PDFCreator-2_1_2-setup.exe
2015-08-21 19:46 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-21 19:46 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-21 19:46 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-21 19:46 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-21 19:46 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-21 19:46 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-21 19:46 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-21 19:46 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-21 19:46 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-21 19:46 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-21 19:46 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-21 19:46 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-21 19:46 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-21 19:46 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-21 19:46 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-21 19:46 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-21 19:46 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-21 19:46 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-21 19:46 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-21 19:46 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-21 19:46 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-21 19:46 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-21 19:46 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-21 19:46 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-21 19:46 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-21 19:46 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-21 19:46 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-21 19:46 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-21 19:46 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-21 19:46 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-21 19:46 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-21 19:46 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-21 19:46 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-21 19:46 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-21 11:48 - 2015-08-21 11:48 - 00001847 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-20 17:00 - 2015-08-20 17:00 - 00000776 _____ C:\Users\Günter\Desktop\Deutsche Telekom warnt vor Spam-Welle Forum - heise online.url
2015-08-19 07:50 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 07:50 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:14 - 2015-08-19 23:40 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\SYS_Avira.lnk
2015-08-15 18:36 - 2015-08-23 08:11 - 00000000 ____D C:\FRST
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-23 08:10 - 2011-06-07 16:17 - 01156334 _____ C:\Windows\WindowsUpdate.log
2015-08-23 08:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 08:05 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 08:05 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 08:00 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 07:59 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-22 23:39 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-22 22:47 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 10:50 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-22 08:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-21 22:34 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-08-21 22:34 - 2011-06-14 21:28 - 00000065 _____ C:\Windows\control.ini
2015-08-21 22:27 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-21 22:27 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-21 22:27 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 22:24 - 2015-04-11 07:14 - 00010697 _____ C:\Windows\setupact.log
2015-08-21 22:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 19:14 - 2015-04-26 16:55 - 00031568 _____ C:\Windows\PFRO.log
2015-08-21 19:09 - 2011-06-07 16:24 - 00000000 ____D C:\ProgramData\Adobe
2015-08-21 19:09 - 2011-06-07 16:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-21 08:14 - 2011-06-16 21:22 - 00000000 ____D C:\Users\Günter\Documents\Adressen, Briefe, E-Mails, Etiketten
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-12-18 19:48 - 2014-12-11 10:06 - 0000354 _____ () C:\Users\Günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2012-12-18 21:20 - 2014-04-23 13:15 - 0038485 _____ () C:\Users\Günter\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-10-19 15:35 - 2012-10-19 15:41 - 0038458 _____ () C:\Users\Günter\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-12-18 21:12 - 2012-12-18 21:12 - 0038439 _____ () C:\Users\Günter\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
2011-06-13 12:49 - 2013-04-15 23:43 - 0034304 _____ () C:\Users\Günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-10 21:36 - 2011-06-10 21:36 - 0007602 _____ () C:\Users\Günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg
Einige Dateien in TEMP:
====================
C:\Users\Günter\AppData\Local\Temp\avgnt.exe
C:\Users\Günter\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. Der Benutzer ist kein Administrator.
==================== Ende von Ergebnis ============================
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Günter (2015-08-21 22:03:44) Run:3
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip
J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip
K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
*****************
"C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip" => Datei/Ordner nicht gefunden.
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
EmptyTemp: => 128.4 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 22:04:42 ====
Gruß! - günni42 |
|
23.08.2015, 19:22
| #15 |
| /// the machine /// TB-Ausbilder | Email- Konto gehackt? FRST nochmal, das Programm braucht Adminrechte
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Email- Konto gehackt? |
| antivir, antivirus, bluescreen, computer, converter, desktop, dnsapi.dll, email, flash player, google, home, kaspersky, maus, programm, realtek, registry, rundll, security, services.exe, software, svchost.exe, trojaner, udp, usb, warnung, win10, windows, win_7 |
WARNUNG an die MITLESER: 
Linear-Darstellung
