|
Pests of all kinds and how to combat them: Possible problem (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
27.08.2015, 20:04 | #1 |
| Possible problem

Hello everyone, I lent my laptop to my brother for a while and have now got it back. I have the feeling it has become slower (he also used it for gaming), and sometimes everything simply freezes and I can't do anything for several seconds. Could something be wrong here? Here are all the requested log files:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:17 on 27/08/2015 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-08-2015
durchgeführt von **** (2015-08-27 19:53:58)
Gestartet von C:\Users\****\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1476551734-19124195-2179231302-500 - Administrator - Disabled)
**** (S-1-5-21-1476551734-19124195-2179231302-1000 - Administrator - Enabled) => C:\Users\****
Gast (S-1-5-21-1476551734-19124195-2179231302-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1476551734-19124195-2179231302-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - ) AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{D219E54B-AC0F-E3E8-AA62-DF563A20696E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.) Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.17.0.1227 - Bitdefender) Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.37.0 - Conexant) CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.5127 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.) 
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Digital Delivery (HKLM-x32\...\{9DDFE322-6BA0-4F90-8689-D98382492371}) (Version: 2.1.1002.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell MusicStage (HKLM-x32\...\{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}) (Version: 1.6.225.0 - Fingertapps) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft) Dell Stage (HKLM-x32\...\{E2F57269-065E-4B19-8CDA-AB6C401FAF1A}) (Version: 1.7.209.0 - Fingertapps) Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.) Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden Dell Touchpad (HKLM\...\Elantech) (Version: 10.3.2.2 - ELAN Microelectronic Corp.) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.) Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Free YouTube to DVD Converter version 3.1.59.415 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.1.59.415 - DVDVideoSoft Ltd.) 
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0191 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) 
Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) PDF Blender (HKLM-x32\...\PDF Blender) (Version: - ) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.005 - Dell Inc.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.) 
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH) SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16500 - Nero AG) SyncUP (x32 Version: 1.12.11500.11.105 - Nero AG) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-01-04 21:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1D718F57-FE18-41E6-BC2F-E8814DDA2914} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {1F7C9C29-66DE-4140-9C68-B9F0A37E8C52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {2E7BF561-8C3E-4FF1-8413-D186B476CA64} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-07-28] (Bitdefender)
Task: {35D58EAC-E363-49B5-8E3F-246205DEFF46} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {370CB867-98CB-4AA9-86B4-59E4B22A2CF0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {65CFED4D-DE2C-40B0-B513-0A8B548A452E} - System32\Tasks\AdobeAAMUpdater-1.0-****-PC-**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated) Task: {6B0E4B89-AB9D-46DD-BD02-835EAACA3AF1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {C8E2C2D9-5956-435E-9F56-5BB6F57FFC59} - System32\Tasks\{CF90EA32-093A-4FC5-BABA-F673ECFBD693} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar Task: {CB7B6331-F6ED-4CB0-8F92-5A6E3BB78389} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-11-21 00:51 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2014-11-21 00:51 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2014-11-21 00:57 - 2014-10-15 13:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2014-11-21 00:56 - 2012-10-29 15:22 - 00152816 _____ () C:\Program 
Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2015-08-18 18:48 - 2015-08-18 18:48 - 00875864 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00650_008\ashttpbr.mdl 2015-08-18 18:48 - 2015-08-18 18:48 - 00741952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00650_008\ashttpdsp.mdl 2015-08-18 18:48 - 2015-08-18 18:48 - 02801464 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00650_008\ashttpph.mdl 2015-08-18 18:48 - 2015-08-18 18:48 - 01412512 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00650_008\ashttprbl.mdl 2015-01-08 00:15 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll 2012-09-12 13:41 - 2012-03-19 12:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-09-12 12:36 - 2012-01-27 04:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2011-06-28 02:26 - 2011-06-28 02:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe 2012-09-12 12:22 - 2012-04-05 21:55 - 00164992 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll 2011-06-29 15:52 - 2011-06-29 15:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe 2012-02-01 18:50 - 2012-02-01 18:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe 2012-11-30 04:06 - 2012-11-30 04:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2012-03-26 10:03 - 2012-03-26 10:03 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-04-06 17:17 - 2012-04-06 17:17 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll 2010-03-22 22:52 - 2010-03-22 22:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll 
2010-03-17 03:28 - 2010-03-17 03:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll 2011-06-25 06:20 - 2011-06-25 06:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll 2011-06-28 02:25 - 2011-06-28 02:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll 2011-06-25 06:32 - 2011-06-25 06:32 - 00323136 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll 2012-02-01 18:44 - 2012-02-01 18:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll 2012-02-01 18:44 - 2012-02-01 18:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll 2012-11-30 04:07 - 2012-11-30 04:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2015-01-08 00:14 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-10-18 22:10 - 2014-10-18 22:10 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2012-09-12 12:24 - 2012-02-01 23:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-09-12 12:23 - 2012-01-21 13:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-08-13 
17:14 - 2015-08-13 17:14 - 00071168 _____ () c:\users\****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxhms1y.dll 2015-06-22 22:01 - 2015-08-05 22:49 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-06-22 22:01 - 2015-08-05 22:49 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-08-01 04:11 - 2015-08-05 22:49 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-22 22:01 - 2015-08-05 22:49 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-05-19 17:59 - 2015-05-19 17:59 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-05-19 17:59 - 2015-05-19 17:59 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-05-19 17:59 - 2015-05-19 17:59 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-11-21 00:51 - 2014-08-27 17:30 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\txmlutil.dll 2014-11-21 00:51 - 2013-09-03 15:29 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdmetrics.dll 2015-08-12 19:31 - 2015-08-12 19:31 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 AlternateDataStreams: C:\Users\****\Desktop\Defogger.exe:BDU AlternateDataStreams: C:\Users\****\Desktop\FRST64.exe:BDU AlternateDataStreams: C:\Users\****\Desktop\spywareblastersetup50.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\7z920.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\BearShareV10.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\bitdefender_tsecurity.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\Citavi4Setup(1).exe:BDU AlternateDataStreams: C:\Users\****\Downloads\Citavi4Setup.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\DivXInstaller.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\Dropbox - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\DropboxInstaller.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\dxwebsetup.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\Free YouTube to DVD Converter - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\FreeYouTubeToDVDConverter.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\FW_DE_Installer_v201.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\gmer_2.1.19163.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\GoogleEarthPluginSetup.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\jxpiinstall(1).exe:BDU AlternateDataStreams: C:\Users\****\Downloads\jxpiinstall(2).exe:BDU AlternateDataStreams: C:\Users\****\Downloads\jxpiinstall.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\mbam-setup-1.75.0.1300.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\mbam-setup-2.0.4.1028.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\No23Recorder2103.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\onlineTV - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\PDF24 Creator - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\PSISetup10004.exe:BDU AlternateDataStreams: C:\Users\****\Downloads\PSISetup711.exe:BDU 
AlternateDataStreams: C:\Users\****\Downloads\RealPlayer_de.exe:BDU
AlternateDataStreams: C:\Users\****\Downloads\RunesOfMagic_GameforgeLiveSetup.exe:BDU
AlternateDataStreams: C:\Users\****\Downloads\TeamSpeak3-Client-win32-3.0.8.1.exe:BDU
AlternateDataStreams: C:\Users\****\Downloads\TFC.exe:BDU
AlternateDataStreams: C:\Users\****\Downloads\Thunderbird_Setup_15.0.1.exe:BDU
AlternateDataStreams: C:\Users\****\Downloads\vlc-2.0.4-win32.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr 
eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{D478956E-9F1A-4843-8198-214FBDD60F01}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{E111D6CA-2A56-4E7E-BB38-BED52D41E193}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F1600D2E-84D9-48EE-8B86-8890CFCD2793}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe FirewallRules: [{8832DF3D-C7E8-4FC7-B767-4F79DEF26F06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5AF899B2-A668-406E-9903-AAEEA8C3A867}] => (Allow) LPort=2869 FirewallRules: [{D94D9DD8-5218-4EC2-AEE8-7210FB4AE942}] => (Allow) LPort=1900 FirewallRules: [{BBD5EDAB-1F35-4420-B9B0-B890E883D850}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{E854F3AB-AA91-47A5-8A5A-2FD016D65F0F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{0DBBA71A-1201-47C7-93CE-0E8F6B3F8A55}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{0298C4F4-9F4D-4242-81E2-BBD86B481759}] => (Allow) C:\Program Files 
(x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{8289FDF6-CB9C-4C6B-889D-87CA95ED27C9}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{59FB75E3-764B-4FA4-AA9D-E9337397C6BF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{DCD9B3EE-7B9B-479F-840C-7650FFEBBC8C}] => (Allow) LPort=9700 FirewallRules: [{3B8BACD5-919B-40B7-B5C6-1C1A4025EF81}] => (Allow) LPort=9701 FirewallRules: [{A8979E2D-D62A-4400-83E8-CBD1D0F7306E}] => (Allow) LPort=9702 FirewallRules: [{CA04C3DF-A0D3-4677-8CB2-8422FEA7D592}] => (Allow) LPort=9700 FirewallRules: [{E4C83A27-6FF3-4810-9422-FE431D0E5014}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe FirewallRules: [{F1617678-1CFD-4B4D-BB2F-DBB3518A38F0}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe FirewallRules: [{2E3B0022-8282-4904-A53B-1D15F5FF2FA3}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe FirewallRules: [TCP Query User{EF295B6F-E9AD-4204-A5EA-247DB990AA42}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [UDP Query User{435EA1F9-B244-4D42-96C9-88DFDD77302F}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [TCP Query User{AC7AAC94-B653-4271-B872-29A02A9D8686}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [UDP Query User{832FF03F-C34E-4F7B-A5CA-50F9BC4FC101}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [{31457A3B-0F9A-46D7-A637-1B87A5E5C786}] => (Allow) C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe FirewallRules: 
[{DE26C2E2-CF4B-4126-BD5F-F4E02E0EACCC}] => (Allow) C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe FirewallRules: [{E74BB90D-403F-4E44-A744-94DF0D0C7035}] => (Allow) C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe FirewallRules: [{11463C82-3D6A-40D3-90D1-A6866495F5BB}] => (Allow) C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe FirewallRules: [{9862596C-0DE8-44F0-BECE-8DFCDB5FAA74}] => (Allow) %ProgramFiles% (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\ClientUpdate.exe FirewallRules: [{4905B771-0BB4-4A3F-B2AF-C5280B36633F}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exe FirewallRules: [{A133FC0F-B74A-48BF-AC56-9790C1657D4D}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exe FirewallRules: [{879BE998-A62F-49B2-B70D-BFC10E540760}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exe FirewallRules: [{07269FC0-ACBF-4C00-8973-D7C3D8184E9C}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exe FirewallRules: [{D55592EF-C9B8-4DF9-B4E1-033848B77889}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exe FirewallRules: [{972BCAA5-87C4-4F33-B8CF-8386B15B9F44}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exe FirewallRules: [{19A3BCD2-5064-43BE-9E39-4FE971CE7FD5}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exe FirewallRules: [{325D43B9-8B1C-419F-884E-CCE243AF160A}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exe FirewallRules: [{645152C5-029E-4524-8B1C-A972B23551EC}] => (Allow) LPort=54925 FirewallRules: [{2D74E98D-4D8F-41FE-B382-897971824746}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{11AD927C-16E4-4AC6-922D-22477B94C125}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query 
User{51C69C5E-D79B-4B2D-B9F0-B3BBE9B8E77C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{72622B5C-AA7E-4B41-A73A-8CAD87410A77}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{00D3FAE1-862B-4CF2-B498-2A7C747AE2B2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/26/2015 05:20:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FreemakeVC.exe, Version: 4.1.4.13, Zeitstempel: 0x540ede1f Name des fehlerhaften Moduls: libdvdnav.dll, Version: 0.0.0.0, Zeitstempel: 0x49d4f1cc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001ca09 ID des fehlerhaften Prozesses: 0x3f28 Startzeit der fehlerhaften Anwendung: 0xFreemakeVC.exe0 Pfad der fehlerhaften Anwendung: FreemakeVC.exe1 Pfad des fehlerhaften Moduls: FreemakeVC.exe2 Berichtskennung: FreemakeVC.exe3 Error: (08/25/2015 08:45:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a196 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000bffc2 ID des fehlerhaften Prozesses: 0xb04 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (08/18/2015 09:20:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.0.5697, Zeitstempel: 0x55c4fdca Name des fehlerhaften Moduls: mozglue.dll, 
Version: 40.0.0.5697, Zeitstempel: 0x55c4ec16 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000e254 ID des fehlerhaften Prozesses: 0x3764 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (08/18/2015 09:20:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 40.0.0.5697 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a64 Startzeit: 01d0d5da3d22b7fa Endzeit: 865 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: 246febf0-45de-11e5-b7fe-685d43e3102e Error: (08/13/2015 05:12:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82 Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82 Ausnahmecode: 0x40000015 Fehleroffset: 0x00093534 ID des fehlerhaften Prozesses: 0x7cc Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/13/2015 05:11:41 PM) (Source: MsiInstaller) (EventID: 1024) (User: ****-PC) Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (08/13/2015 05:08:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/13/2015 06:40:54 AM) (Source: MsiInstaller) (EventID: 1024) (User: ****-PC) Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (08/13/2015 06:05:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82 Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82 Ausnahmecode: 0x40000015 Fehleroffset: 0x00093534 ID des fehlerhaften Prozesses: 0x9b4 Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0 Pfad der fehlerhaften Anwendung: PSIA.exe1 Pfad des fehlerhaften Moduls: PSIA.exe2 Berichtskennung: PSIA.exe3 Error: (08/13/2015 06:00:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (08/27/2015 03:35:26 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error: (08/24/2015 02:09:08 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (08/23/2015 08:32:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error: (08/23/2015 08:32:52 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 109gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69} Error: (08/20/2015 10:22:09 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR51. Error: (08/20/2015 04:56:57 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk3\DR47. Error: (08/19/2015 06:25:54 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR43. Error: (08/19/2015 06:11:56 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {96D1EED3-701E-4FE5-B996-A543A8465897} Error: (08/18/2015 08:50:01 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR40 gefunden. Error: (08/18/2015 08:50:00 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR40 gefunden. 
Microsoft Office: ========================= Error: (08/26/2015 05:20:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FreemakeVC.exe4.1.4.13540ede1flibdvdnav.dll0.0.0.049d4f1ccc00000050001ca093f2801d0de7eb7afc75dC:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exeC:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll0dae3414-4c06-11e5-b7fe-685d43e3102e Error: (08/25/2015 08:45:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1893355a6a196c000037400000000000bffc2b0401d0d5da1c42e569C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll675b7494-4b59-11e5-b7fe-685d43e3102e Error: (08/18/2015 09:20:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe40.0.0.569755c4fdcamozglue.dll40.0.0.569755c4ec16800000030000e254376401d0d9ca9076dfc7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dll38048b7d-45de-11e5-b7fe-685d43e3102e Error: (08/18/2015 09:20:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe40.0.0.56971a6401d0d5da3d22b7fa865C:\Program Files (x86)\Mozilla Firefox\firefox.exe246febf0-45de-11e5-b7fe-685d43e3102e Error: (08/13/2015 05:12:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935347cc01d0d5d9dfaec050C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exebdc53993-41cd-11e5-b7fe-685d43e3102e Error: (08/13/2015 05:11:41 PM) (Source: MsiInstaller) (EventID: 1024) (User: ****-PC) Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL) Error: (08/13/2015 05:08:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 
990x80041003 Error: (08/13/2015 06:40:54 AM) (Source: MsiInstaller) (EventID: 1024) (User: ****-PC) Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL) Error: (08/13/2015 06:05:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935349b401d0d57c9f7660daC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe781f0411-4170-11e5-ac74-685d43e3102e Error: (08/13/2015 06:00:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity: =================================== Date: 2015-01-30 20:45:54.148 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-01-30 20:45:44.360 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-01-30 20:43:07.989 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-01-04 20:18:01.476 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-01-04 20:18:01.413 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-12 13:55:14.983 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-12 13:52:15.539 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-12 13:48:28.531 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-12 13:48:20.127 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-12 13:44:22.346 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz Prozentuale Nutzung des RAM: 44% Installierter physikalischer RAM: 8053.85 MB Verfügbarer physikalischer RAM: 4475.96 MB Summe virtueller Speicher: 16105.91 MB Verfügbarer virtueller Speicher: 9417.42 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:911.66 GB) (Free:201.61 GB) NTFS Drive d: (DVD_Video) (CDROM) (Total:7.3 GB) (Free:0 GB) UDF Drive y: (RECOVERY) (Fixed) (Total:19.81 GB) (Free:6.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 4D916A00) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=19.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=911.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-08-2015 durchgeführt von ***** (Administrator) auf *****-PC (27-08-2015 19:52:58) Gestartet von C:\Users\*****\Desktop Geladene Profile: ***** (Verfügbare Profile: *****) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\System32\wimserv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe () C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-22] (Conexant Systems, Inc.) 
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] () HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-07] (Bitdefender) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.) 
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [76872 2012-03-27] (cyberlink) HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-03-11] () HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] () HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-06] (Dropbox, Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-25] (Bitdefender) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-01-07] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKU\S-1-5-21-1476551734-19124195-2179231302-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1476551734-19124195-2179231302-1000 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{74EF4DF4-F545-4B24-97D4-53AEC75D7B98}: [DhcpNameServer] 141.53.10.4 141.53.10.5
Tcpip\..\Interfaces\{7AC580F9-788B-43B5-9282-B1715F577528}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BAF2DFBA-5D02-4D65-B321-5EA1F317205E}: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default
FF SelectedSearchEngine:
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-images.xml [2014-09-14]
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-maps.xml [2014-09-14]
FF Extension: Cliqz - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\cliqz@cliqz.com.xpi [2014-11-20]
FF Extension: YouTube Video and Audio Downloader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-01-10]
FF Extension: Media Converter and Muxer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2015-01-10]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-05]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-11-21]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-01-29] (Bitdefender)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [242448 2012-03-27] (CyberLink)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2012-05-18] (Conexant Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-12-12] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-07] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-25] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-25] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-25] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-07] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-12] (BitDefender S.R.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 19:52 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 19:52 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 19:52 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 19:52 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 19:52 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 19:52 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 19:52 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 19:52 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 19:52 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 20:55 - 2015-08-18 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla 
Firefox.bak 2015-08-10 19:37 - 2015-08-10 19:38 - 01062832 _____ C:\Windows\Minidump\081015-25708-01.dmp 2015-07-28 18:40 - 2015-07-28 18:40 - 00003518 _____ C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 2015-07-28 18:40 - 2015-07-28 18:40 - 00000000 ____D C:\Program Files\Common Files\AV ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-27 19:49 - 2012-09-19 12:49 - 00000000 ____D C:\Users\***** 2015-08-27 19:44 - 2015-05-19 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-08-27 19:40 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-27 19:40 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-27 19:31 - 2012-09-12 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-27 19:17 - 2015-06-22 21:57 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-08-27 19:17 - 2014-12-24 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-27 19:16 - 2014-05-26 22:40 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-27 06:04 - 2014-12-24 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-27 02:50 - 2012-09-12 12:04 - 01419268 _____ C:\Windows\WindowsUpdate.log 2015-08-26 22:16 - 2012-11-24 03:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2015-08-26 20:16 - 2015-06-22 21:57 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-08-26 17:16 - 2012-09-12 12:35 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2015-08-26 17:14 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat 2015-08-26 17:14 - 2010-11-21 08:50 - 
00149774 _____ C:\Windows\system32\perfc007.dat 2015-08-26 17:14 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-18 21:21 - 2012-09-19 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-15 23:21 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther 2015-08-15 23:17 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-08-15 20:24 - 2009-07-14 06:51 - 00081327 _____ C:\Windows\setupact.log 2015-08-13 18:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 17:14 - 2015-06-22 22:30 - 00000000 ___RD C:\Users\*****\Dropbox 2015-08-13 17:14 - 2015-06-22 21:57 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox 2015-08-13 17:14 - 2015-06-22 21:57 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-08-13 17:10 - 2012-09-12 12:43 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2015-08-13 17:10 - 2012-09-12 12:43 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks 2015-08-13 17:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-13 17:06 - 2010-11-21 05:47 - 01290020 _____ C:\Windows\PFRO.log 2015-08-13 05:59 - 2013-03-16 09:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 05:59 - 2013-03-16 09:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-13 05:59 - 2009-07-14 06:45 - 00415752 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 00:42 - 2014-12-24 08:36 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 00:42 - 2014-05-06 20:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-12 22:58 - 2012-12-30 18:12 - 00000000 ____D C:\Users\*****\AppData\Roaming\dvdcss 2015-08-12 20:20 - 2013-03-16 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 20:17 - 2012-09-29 15:06 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 20:12 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini 2015-08-12 20:11 - 2013-08-10 17:15 - 00000000 
____D C:\Windows\system32\MRT 2015-08-12 20:02 - 2012-09-27 17:56 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 19:31 - 2012-09-12 12:07 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 19:31 - 2012-09-12 12:07 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-12 19:31 - 2012-09-12 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-10 19:37 - 2015-05-13 11:13 - 928242780 _____ C:\Windows\MEMORY.DMP 2015-08-10 19:37 - 2014-07-08 19:14 - 00000000 ____D C:\Windows\Minidump ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\*****\AppData\Local\bass.dll 2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\*****\AppData\Local\basscd.dll 2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\*****\AppData\Local\CDRip.dll 2012-09-22 22:49 - 2014-04-06 15:19 - 0035328 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\*****\AppData\Local\No23 Recorder.exe 2013-02-14 20:29 - 2015-01-31 09:52 - 0001473 _____ () C:\Users\*****\AppData\Local\RecConfig.xml Einige Dateien in TEMP: ==================== C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxhms1y.dll C:\Users\*****\AppData\Local\Temp\jre-8u40-windows-au.exe C:\Users\*****\AppData\Local\Temp\vlc-2.2.1-win32.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-22 00:44

==================== Ende von FRST.txt ============================
27.08.2015, 20:07 | #2 |
| Possible problem
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-27 20:31:35
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.01.0 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\***\AppData\Local\Temp\kwdiipow.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\kernel32.dll
.text ...
* 9 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes JMP 75778832 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes JMP 75778a08 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes JMP 75778728 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes JMP 75778af2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes JMP 756efc98 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes JMP 756f68df C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes JMP 75778ff1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes JMP 75778b52 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes JMP 757786ec C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 
00000000757d15b5 2 bytes JMP 756efd31 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes JMP 756fb2cc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes JMP 75778eb4 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes JMP 75778681 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes JMP 75778832 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes JMP 75778a08 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes JMP 75778728 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes JMP 75778af2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes JMP 756efc98 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes JMP 756f68df C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes JMP 75778ff1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes JMP 75778b52 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes JMP 757786ec C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 
bytes JMP 756efd31 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes JMP 756fb2cc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes JMP 75778eb4 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes JMP 75778681 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes JMP 75778832 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes JMP 75778a08 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes JMP 75778728 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes JMP 75778af2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes JMP 756efc98 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes JMP 756f68df C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes JMP 75778ff1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes JMP 75778b52 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes JMP 757786ec C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes JMP 756efd31 
C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes JMP 756fb2cc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes JMP 75778eb4 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes JMP 75778681 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\kernel32.dll .text ... 
* 9 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes JMP 75778832 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes JMP 75778a08 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes JMP 75778728 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes JMP 75778af2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes JMP 756efc98 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes JMP 756f68df C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes JMP 75778ff1 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes JMP 75778b52 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes JMP 757786ec C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes JMP 756efd31 C:\Windows\syswow64\kernel32.dll .text C:\Program 
Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes JMP 756fb2cc C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes JMP 75778eb4 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes JMP 75778681 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\KERNEL32.dll .text ... 
* 9 .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000757d14dd 2 bytes JMP 75778832 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000757d14f5 2 bytes JMP 75778a08 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000757d150d 2 bytes JMP 75778728 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000757d1525 2 bytes JMP 75778af2 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000757d153d 2 bytes JMP 756efc98 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000757d1555 2 bytes JMP 756f68df C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000757d156d 2 bytes JMP 75778ff1 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000757d1585 2 bytes JMP 75778b52 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000757d159d 2 bytes JMP 757786ec C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000757d15b5 2 bytes JMP 756efd31 C:\Windows\syswow64\KERNEL32.dll 
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000757d15cd 2 bytes JMP 756fb2cc C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000757d16b2 2 bytes JMP 75778eb4 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4008] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000757d16bd 2 bytes JMP 75778681 C:\Windows\syswow64\KERNEL32.dll .text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000757d1401 2 bytes JMP 756fb20b C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4976] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000757d1419 2 bytes JMP 756fb336 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000757d1431 2 bytes JMP 75778f39 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000757d144a 2 bytes CALL 756d4885 C:\Windows\syswow64\kernel32.dll .text ... 
---- Processes - GMER 2.1 ----
Library c:\users\***\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzovoc.dll (*** suspicious ***) @ C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5168](2015-08-27 18:16:47) 0000000070b00000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\685d43e3102e
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\685d43e3102e (not active ControlSet)
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org
Update, 27.08.2015 00:33, SYSTEM, ****-PC, Scheduler, Malware Database, 2015.8.26.8, 2015.8.26.9,
Protection, 27.08.2015 00:33, SYSTEM, ****-PC, Protection, Refresh, Starting,
Protection, 27.08.2015 00:33, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.08.2015 00:33, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.08.2015 00:34, SYSTEM, ****-PC, Protection, Refresh, Success,
Protection, 27.08.2015 00:34, SYSTEM, ****-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.08.2015 00:34, SYSTEM, ****-PC, Protection, Malicious Website Protection, Started,
Update, 27.08.2015 01:37, SYSTEM, ****-PC, Scheduler, AKA IP Database, 2015.8.25.1, 2015.8.26.1,
Update, 27.08.2015 01:37, SYSTEM, ****-PC, Scheduler, AKA Domain Database, 2015.8.26.1, 2015.8.26.2,
Protection, 27.08.2015 01:37, SYSTEM, ****-PC, Protection, Refresh, Starting,
Protection, 27.08.2015 01:37, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.08.2015 01:37, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.08.2015 01:38, SYSTEM, ****-PC, Protection, Refresh, Success,
Protection, 27.08.2015 01:38, SYSTEM, ****-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.08.2015 01:38, SYSTEM, ****-PC, Protection, Malicious Website Protection, Started,
Update, 27.08.2015 05:36, SYSTEM, ****-PC, Scheduler, AKA Domain Database, 2015.8.26.2, 2015.8.27.1,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Refresh, Starting,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Refresh, Success,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.08.2015 05:36, SYSTEM, ****-PC, Protection, Malicious Website Protection, Started,
Update, 27.08.2015 06:21, SYSTEM, ****-PC, Scheduler, Malware Database, 2015.8.26.9, 2015.8.27.1,
Protection, 27.08.2015 06:21, SYSTEM, ****-PC, Protection, Refresh, Starting,
Protection, 27.08.2015 06:21, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.08.2015 06:21, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.08.2015 06:21, SYSTEM, ****-PC, Protection, Refresh, Success,
Update, 27.08.2015 19:16, SYSTEM, ****-PC, Scheduler, Malware Database, 2015.8.27.1, 2015.8.27.4,
Protection, 27.08.2015 19:16, SYSTEM, ****-PC, Protection, Refresh, Starting,
Protection, 27.08.2015 19:18, SYSTEM, ****-PC, Protection, Refresh, Success,
Protection, 27.08.2015 19:18, SYSTEM, ****-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.08.2015 19:18, SYSTEM, ****-PC, Protection, Malicious Website Protection, Started,
Protection, 27.08.2015 20:05, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.08.2015 20:05, SYSTEM, ****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.08.2015 20:05, SYSTEM, ****-PC, Protection, Malware Protection, Stopping,
Protection, 27.08.2015 20:05, SYSTEM, ****-PC, Protection, Malware Protection, Stopped,
Protection, 27.08.2015 20:16, SYSTEM, ****-PC, Protection, Malware Protection, Starting,
Protection, 27.08.2015 20:16, SYSTEM, ****-PC, Protection, Malware Protection, Started,
Protection, 27.08.2015 20:16, SYSTEM, ****-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.08.2015 20:16, SYSTEM, ****-PC, Protection, Malicious Website Protection, Started,
(end)
Thank you all for your support. Sandra |
28.08.2015, 06:25 | #3 |
/// the machine /// TB-Ausbilder | Possible problem hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder unless a helper instructs you to. Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
28.08.2015, 17:24 | #4 |
| Possible problem Hello Schrauber, mbar does not work. I get the following error message: DDA driver was not installed which may be caused by rootkit activity. Do you want to reboot the computer to install DDA driver (Scan will continue after reboot)? When I click yes, I get: Could not install driver on boot. Scan can´t continue. What can I do to get the scan running? Regards, Sandra |
29.08.2015, 10:15 | #5 |
/// the machine /// TB-Ausbilder | Possible problem Skip MBAR and go straight to TDSSKiller
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.08.2015, 17:32 | #6 |
| Possible problem Hello, here is the result: Code:
ATTFilter 18:19:58.0990 0x29ec TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
18:20:06.0505 0x29ec ============================================================
18:20:06.0505 0x29ec Current date / time: 2015/08/30 18:20:06.0505
18:20:06.0505 0x29ec SystemInfo:
18:20:06.0505 0x29ec
18:20:06.0506 0x29ec OS Version: 6.1.7601 ServicePack: 1.0
18:20:06.0506 0x29ec Product type: Workstation
18:20:06.0506 0x29ec ComputerName: ****-PC
18:20:06.0506 0x29ec UserName: ****
18:20:06.0506 0x29ec Windows directory: C:\Windows
18:20:06.0506 0x29ec System windows directory: C:\Windows
18:20:06.0506 0x29ec Running under WOW64
18:20:06.0506 0x29ec Processor architecture: Intel x64
18:20:06.0506 0x29ec Number of processors: 8
18:20:06.0506 0x29ec Page size: 0x1000
18:20:06.0506 0x29ec Boot type: Normal boot
18:20:06.0506 0x29ec ============================================================
18:20:07.0298 0x29ec KLMD registered as C:\Windows\system32\drivers\56156673.sys
18:20:08.0055 0x29ec System UUID: {AD1C37D6-215F-5791-5F61-82C075B5F914}
18:20:08.0935 0x29ec Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:20:08.0939 0x29ec ============================================================
18:20:08.0939 0x29ec \Device\Harddisk0\DR0:
18:20:08.0939 0x29ec MBR partitions:
18:20:08.0939 0x29ec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x279F000
18:20:08.0940 0x29ec \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27B3000, BlocksNum 0x71F53000
18:20:08.0940 0x29ec ============================================================
18:20:08.0974 0x29ec C: <-> \Device\Harddisk0\DR0\Partition2
18:20:08.0975 0x29ec ============================================================
18:20:08.0975 0x29ec Initialize success
18:20:08.0975 0x29ec ============================================================
18:21:07.0726 0x2940 ============================================================
18:21:07.0727 0x2940 Scan started
18:21:07.0727 0x2940 Mode: Manual; SigCheck; TDLFS;
18:21:07.0727 0x2940 ============================================================
18:21:07.0727 0x2940 KSN ping started
18:21:10.0630 0x2940 KSN ping finished: true
18:21:12.0244 0x2940 ================ Scan system memory ========================
18:21:12.0244 0x2940 System memory - ok
18:21:12.0244 0x2940 ================ Scan services =============================
C:\Windows\System32\bdesvc.dll 18:21:18.0483 0x2940 BDESVC - ok 18:21:18.0582 0x2940 [ 9A9A632AA25D4B33BFA9D3202DEA0E87, 438FFDD092197BAFE86609D545E9218103F1BE25A49BF30C62E546BE3360C2CA ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 18:21:18.0592 0x2940 BdfNdisf - ok 18:21:18.0663 0x2940 [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 18:21:18.0684 0x2940 bdfwfpf - ok 18:21:18.0733 0x2940 [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys 18:21:18.0742 0x2940 bdfwfpf_pc - ok 18:21:18.0794 0x2940 [ 50F796CB1E8C80F3D19435CB50C3DAB5, 20CE5C1242F8D0DFEE13C8D07EF1A67F670A078BA44E810A3A042C6A060FACC9 ] BDVEDISK C:\Windows\system32\DRIVERS\bdvedisk.sys 18:21:18.0803 0x2940 BDVEDISK - ok 18:21:18.0845 0x2940 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 18:21:18.0885 0x2940 Beep - ok 18:21:18.0948 0x2940 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 18:21:18.0992 0x2940 BFE - ok 18:21:19.0064 0x2940 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 18:21:19.0593 0x2940 BITS - ok 18:21:19.0624 0x2940 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:21:19.0660 0x2940 blbdrive - ok 18:21:19.0828 0x2940 [ BC7E8D3CC0B41B027495E7ECF83D6C87, 62BB4B93CCBBF24E65182C3EE674E8D44166D4E6958909CE4539DD1E3BBFF690 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 
18:21:19.0852 0x2940 Bluetooth Device Monitor - ok 18:21:19.0973 0x2940 [ EA1412DE64832ED9D920E88A9464196E, C60C9F44644AD44D713E56C3137DFE21349CFFDB92A72379E14098BAC132F31B ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 18:21:20.0003 0x2940 Bluetooth Media Service - ok 18:21:20.0129 0x2940 [ 0D14E1675A8C34229E6162558487D65B, 246C420D7575D419CA1E9DD651D3E55C5C0AE3C8319C1A1E7C5FBB6240AC34CE ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 18:21:20.0154 0x2940 Bluetooth OBEX Service - ok 18:21:20.0196 0x2940 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:21:20.0242 0x2940 bowser - ok 18:21:20.0310 0x2940 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:21:20.0335 0x2940 BrFiltLo - ok 18:21:20.0354 0x2940 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:21:20.0375 0x2940 BrFiltUp - ok 18:21:20.0476 0x2940 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 18:21:20.0505 0x2940 BridgeMP - ok 18:21:20.0556 0x2940 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 18:21:20.0596 0x2940 Browser - ok 18:21:20.0666 0x2940 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:21:20.0792 0x2940 Brserid - ok 18:21:20.0834 0x2940 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:21:20.0872 0x2940 BrSerWdm - ok 
18:21:20.0889 0x2940 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:21:20.0904 0x2940 BrUsbMdm - ok 18:21:20.0924 0x2940 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:21:20.0946 0x2940 BrUsbSer - ok 18:21:21.0079 0x2940 [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 18:21:21.0108 0x2940 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 ) 18:21:23.0806 0x2940 Detect skipped due to KSN trusted 18:21:23.0806 0x2940 BrYNSvc - ok 18:21:23.0865 0x2940 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 18:21:23.0899 0x2940 BthEnum - ok 18:21:23.0920 0x2940 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:21:23.0952 0x2940 BTHMODEM - ok 18:21:23.0992 0x2940 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 18:21:24.0028 0x2940 BthPan - ok 18:21:24.0067 0x2940 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 18:21:24.0097 0x2940 BTHPORT - ok 18:21:24.0121 0x2940 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 18:21:24.0164 0x2940 bthserv - ok 18:21:24.0178 0x2940 [ 588762F716C2B7A2054AFBC3D58E5C21, CD44B0200B2E0A81073563BE84ECF9C092F4B5E9DC166A8F0690D6272913CCB7 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 18:21:24.0187 0x2940 
BTHSSecurityMgr - ok 18:21:24.0222 0x2940 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 18:21:24.0251 0x2940 BTHUSB - ok 18:21:24.0320 0x2940 [ 3676BEAA7D842047D30E95D59B241F22, 615C42D93C8D2A682C067AB6894042C2BB6EC3F75CC2FF2C3A1E2BB7E8B327EA ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 18:21:24.0398 0x2940 btmaux - ok 18:21:24.0428 0x2940 [ FA0E7B5AFB8FD335234916764A2D6CF9, 6BEEB2130FD4B6A13870A0360D46173784F9E22E5A7A1F232FEBCE68B34B956F ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 18:21:24.0489 0x2940 btmhsf - ok 18:21:24.0511 0x2940 catchme - ok 18:21:24.0542 0x2940 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:21:24.0582 0x2940 cdfs - ok 18:21:24.0620 0x2940 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:21:24.0664 0x2940 cdrom - ok 18:21:24.0689 0x2940 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 18:21:24.0742 0x2940 CertPropSvc - ok 18:21:24.0749 0x2940 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 18:21:24.0771 0x2940 circlass - ok 18:21:24.0831 0x2940 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 18:21:24.0846 0x2940 CLFS - ok 18:21:24.0962 0x2940 [ FC9946B9121978E38943C2D20F129377, D64D2346CA840B76A50E126F98B6281A12499735712B134148FDA9BE33F8205D ] CLKMSVC10_9EC60124 C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe 18:21:24.0974 0x2940 CLKMSVC10_9EC60124 - ok 18:21:25.0062 0x2940 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 
0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:21:25.0076 0x2940 clr_optimization_v2.0.50727_32 - ok 18:21:25.0144 0x2940 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:21:25.0153 0x2940 clr_optimization_v2.0.50727_64 - ok 18:21:25.0223 0x2940 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:21:25.0249 0x2940 clr_optimization_v4.0.30319_32 - ok 18:21:25.0329 0x2940 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:21:25.0346 0x2940 clr_optimization_v4.0.30319_64 - ok 18:21:25.0404 0x2940 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:21:25.0433 0x2940 CmBatt - ok 18:21:25.0468 0x2940 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:21:25.0486 0x2940 cmdide - ok 18:21:25.0584 0x2940 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 18:21:25.0627 0x2940 CNG - ok 18:21:25.0741 0x2940 [ C563394A9E4F6A666CC663FDF03A7B05, 374E945C72AE6086CEA98794E5585C8837003C59AF73892F4102D9B1649C3752 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 18:21:25.0776 0x2940 CnxtHdAudService - ok 18:21:25.0825 0x2940 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt 
C:\Windows\system32\DRIVERS\compbatt.sys 18:21:25.0834 0x2940 Compbatt - ok 18:21:25.0847 0x2940 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 18:21:25.0867 0x2940 CompositeBus - ok 18:21:25.0869 0x2940 COMSysApp - ok 18:21:26.0011 0x2940 [ F08C6020E57F5E5BF2FD034DB10BEDFB, 288EA64A57057EAD135685F2C46CA53BA0319EA28B7B7A2ECBE29E50ED807FCA ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 18:21:26.0024 0x2940 cphs - ok 18:21:26.0102 0x2940 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:21:26.0110 0x2940 crcdisk - ok 18:21:26.0197 0x2940 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:21:26.0242 0x2940 CryptSvc - ok 18:21:26.0285 0x2940 [ DF214BFF646880D0EB31BDC86136B29B, A641AB1FB7E8A5453584B5577587FF43E0C1F9EEAA2A931A1D8B8FAB3913414D ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 18:21:26.0322 0x2940 CtClsFlt - ok 18:21:26.0452 0x2940 [ 9A59DF2CA690019FEA3B265D5A7EB619, F15D51B3C78A213BA6D6FF7CEA58549673CEAFE97C0A6C90C93591637CE4D5B2 ] CxUtilSvc C:\Program Files\Conexant\SA3\CxUtilSvc.exe 18:21:26.0460 0x2940 CxUtilSvc - ok 18:21:26.0525 0x2940 dbupdate - ok 18:21:26.0527 0x2940 dbupdatem - ok 18:21:26.0575 0x2940 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:21:26.0619 0x2940 DcomLaunch - ok 18:21:26.0658 0x2940 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:21:26.0707 0x2940 defragsvc - ok 18:21:26.0778 0x2940 [ A97BD43C2628D7274C88A3B4CE785EFB, F85B074A291BC3D63DFD81EC39FBDB1EECDF86A33A1AB7580624EEAF6337DE63 ] DellDigitalDelivery c:\Program Files 
(x86)\Dell Digital Delivery\DeliveryService.exe 18:21:26.0800 0x2940 DellDigitalDelivery - detected UnsignedFile.Multi.Generic ( 1 ) 18:21:29.0530 0x2940 Detect skipped due to KSN trusted 18:21:29.0530 0x2940 DellDigitalDelivery - ok 18:21:29.0558 0x2940 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:21:29.0584 0x2940 DfsC - ok 18:21:29.0650 0x2940 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:21:29.0659 0x2940 dg_ssudbus - ok 18:21:29.0747 0x2940 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:21:29.0788 0x2940 Dhcp - ok 18:21:30.0034 0x2940 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 18:21:30.0107 0x2940 DiagTrack - ok 18:21:30.0167 0x2940 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:21:30.0210 0x2940 discache - ok 18:21:30.0245 0x2940 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 18:21:30.0254 0x2940 Disk - ok 18:21:30.0330 0x2940 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:21:30.0430 0x2940 Dnscache - ok 18:21:30.0482 0x2940 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:21:30.0518 0x2940 dot3svc - ok 18:21:30.0583 0x2940 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS 
C:\Windows\system32\dps.dll 18:21:30.0614 0x2940 DPS - ok 18:21:30.0775 0x2940 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:21:30.0844 0x2940 drmkaud - ok 18:21:30.0903 0x2940 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:21:30.0928 0x2940 DXGKrnl - ok 18:21:30.0969 0x2940 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:21:30.0997 0x2940 EapHost - ok 18:21:31.0166 0x2940 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:21:31.0279 0x2940 ebdrv - ok 18:21:31.0344 0x2940 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS C:\Windows\System32\lsass.exe 18:21:31.0418 0x2940 EFS - ok 18:21:31.0551 0x2940 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:21:31.0732 0x2940 ehRecvr - ok 18:21:31.0785 0x2940 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 18:21:31.0807 0x2940 ehSched - ok 18:21:31.0925 0x2940 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:21:31.0949 0x2940 elxstor - ok 18:21:31.0974 0x2940 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:21:31.0999 0x2940 ErrDev - ok 18:21:32.0150 0x2940 [ 3B1F66A4E400D7ACF90D233D47DE6C7E, 90F6AE39FF0798AEFAF26DAD44EF06CB59BD6A0FAD0599FC60A7F8F938E9137F ] ETD 
C:\Windows\system32\DRIVERS\ETD.sys 18:21:32.0160 0x2940 ETD - ok 18:21:32.0205 0x2940 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 18:21:32.0245 0x2940 EventSystem - ok 18:21:32.0544 0x2940 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 18:21:32.0570 0x2940 EvtEng - ok 18:21:32.0726 0x2940 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:21:32.0779 0x2940 exfat - ok 18:21:32.0810 0x2940 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:21:32.0855 0x2940 fastfat - ok 18:21:32.0892 0x2940 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 18:21:32.0998 0x2940 Fax - ok 18:21:33.0026 0x2940 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:21:33.0057 0x2940 fdc - ok 18:21:33.0119 0x2940 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:21:33.0145 0x2940 fdPHost - ok 18:21:33.0193 0x2940 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:21:33.0259 0x2940 FDResPub - ok 18:21:33.0268 0x2940 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:21:33.0278 0x2940 FileInfo - ok 18:21:33.0288 0x2940 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] 
Filetrace C:\Windows\system32\drivers\filetrace.sys 18:21:33.0323 0x2940 Filetrace - ok 18:21:33.0384 0x2940 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:21:33.0400 0x2940 flpydisk - ok 18:21:33.0422 0x2940 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:21:33.0435 0x2940 FltMgr - ok 18:21:33.0574 0x2940 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 18:21:33.0741 0x2940 FontCache - ok 18:21:33.0791 0x2940 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:21:33.0799 0x2940 FontCache3.0.0.0 - ok 18:21:33.0919 0x2940 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:21:33.0929 0x2940 FsDepends - ok 18:21:33.0943 0x2940 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:21:33.0952 0x2940 Fs_Rec - ok 18:21:34.0018 0x2940 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:21:34.0032 0x2940 fvevol - ok 18:21:34.0105 0x2940 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:21:34.0122 0x2940 gagp30kx - ok 18:21:34.0344 0x2940 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 18:21:34.0383 0x2940 gpsvc - ok 18:21:34.0530 0x2940 
[ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:21:34.0539 0x2940 gupdate - ok 18:21:34.0597 0x2940 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:21:34.0613 0x2940 gupdatem - ok 18:21:34.0761 0x2940 [ 4250E0978FBC9B3C0D115CD26C5BA9F4, 5674E267D9053BDF185A73C689CB125EE70AE14C7F2D0E37718379F425EBDC01 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys 18:21:34.0771 0x2940 gzflt - ok 18:21:34.0793 0x2940 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:21:34.0808 0x2940 hcw85cir - ok 18:21:34.0922 0x2940 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:21:34.0961 0x2940 HdAudAddService - ok 18:21:34.0995 0x2940 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:21:35.0034 0x2940 HDAudBus - ok 18:21:35.0095 0x2940 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:21:35.0117 0x2940 HidBatt - ok 18:21:35.0128 0x2940 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:21:35.0150 0x2940 HidBth - ok 18:21:35.0165 0x2940 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:21:35.0179 0x2940 HidIr - ok 18:21:35.0270 0x2940 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] 
hidserv C:\Windows\System32\hidserv.dll 18:21:35.0319 0x2940 hidserv - ok 18:21:35.0369 0x2940 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:21:35.0411 0x2940 HidUsb - ok 18:21:35.0462 0x2940 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:21:35.0495 0x2940 hkmsvc - ok 18:21:35.0571 0x2940 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:21:35.0603 0x2940 HomeGroupListener - ok 18:21:35.0657 0x2940 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:21:35.0721 0x2940 HomeGroupProvider - ok 18:21:35.0771 0x2940 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:21:35.0780 0x2940 HpSAMD - ok 18:21:35.0872 0x2940 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:21:35.0923 0x2940 HTTP - ok 18:21:35.0957 0x2940 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:21:35.0965 0x2940 hwpolicy - ok 18:21:35.0994 0x2940 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 18:21:36.0005 0x2940 i8042prt - ok 18:21:36.0055 0x2940 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\drivers\iaStor.sys 18:21:36.0072 0x2940 iaStor - ok 18:21:36.0206 0x2940 [ 545462D0DBE24AF379BA869B7C185CCD, 
056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 18:21:36.0213 0x2940 IAStorDataMgrSvc - ok 18:21:36.0294 0x2940 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:21:36.0309 0x2940 iaStorV - ok 18:21:36.0400 0x2940 [ 653A38B868A5F20BB506AB57AC41B936, 041DDE862826586CE30F28F4BAE43CCF2079375767B3BA77543FEC5772E5644A ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 18:21:36.0478 0x2940 ibtfltcoex - ok 18:21:36.0584 0x2940 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:21:36.0607 0x2940 idsvc - ok 18:21:36.0622 0x2940 IEEtwCollectorService - ok 18:21:36.0642 0x2940 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:21:36.0650 0x2940 iirsp - ok 18:21:36.0784 0x2940 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 18:21:36.0879 0x2940 IKEEXT - ok 18:21:36.0959 0x2940 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 18:21:36.0983 0x2940 IntcDAud - ok 18:21:37.0128 0x2940 [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe 18:21:37.0169 0x2940 Intel(R) Capability Licensing Service Interface - ok 18:21:37.0234 0x2940 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide 
C:\Windows\system32\drivers\intelide.sys 18:21:37.0251 0x2940 intelide - ok 18:21:37.0906 0x2940 [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 18:21:38.0190 0x2940 intelkmd - ok 18:21:38.0225 0x2940 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:21:38.0248 0x2940 intelppm - ok 18:21:38.0267 0x2940 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:21:38.0294 0x2940 IPBusEnum - ok 18:21:38.0302 0x2940 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:21:38.0365 0x2940 IpFilterDriver - ok 18:21:38.0425 0x2940 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:21:38.0463 0x2940 iphlpsvc - ok 18:21:38.0477 0x2940 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:21:38.0488 0x2940 IPMIDRV - ok 18:21:38.0510 0x2940 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:21:38.0542 0x2940 IPNAT - ok 18:21:38.0562 0x2940 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:21:38.0592 0x2940 IRENUM - ok 18:21:38.0606 0x2940 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:21:38.0614 0x2940 isapnp - ok 18:21:38.0659 0x2940 [ 96BB922A0981BC7432C8CF52B5410FE6, 
236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:21:38.0687 0x2940 iScsiPrt - ok 18:21:38.0768 0x2940 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 18:21:38.0784 0x2940 iusb3hcs - ok 18:21:38.0823 0x2940 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 18:21:38.0836 0x2940 iusb3hub - ok 18:21:38.0871 0x2940 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 18:21:38.0892 0x2940 iusb3xhc - ok 18:21:38.0958 0x2940 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:21:38.0980 0x2940 kbdclass - ok 18:21:38.0999 0x2940 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:21:39.0023 0x2940 kbdhid - ok 18:21:39.0038 0x2940 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso C:\Windows\system32\lsass.exe 18:21:39.0048 0x2940 KeyIso - ok 18:21:39.0090 0x2940 [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:21:39.0099 0x2940 KSecDD - ok 18:21:39.0111 0x2940 [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:21:39.0121 0x2940 KSecPkg - ok 18:21:39.0137 0x2940 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:21:39.0162 0x2940 ksthunk - ok 
18:21:39.0207 0x2940 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:21:39.0249 0x2940 KtmRm - ok 18:21:39.0282 0x2940 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 18:21:39.0337 0x2940 LanmanServer - ok 18:21:39.0415 0x2940 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:21:39.0457 0x2940 LanmanWorkstation - ok 18:21:39.0503 0x2940 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:21:39.0569 0x2940 lltdio - ok 18:21:39.0636 0x2940 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:21:39.0689 0x2940 lltdsvc - ok 18:21:39.0701 0x2940 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:21:39.0727 0x2940 lmhosts - ok 18:21:39.0875 0x2940 [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:21:39.0899 0x2940 LMS - ok 18:21:39.0915 0x2940 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:21:39.0932 0x2940 LSI_FC - ok 18:21:39.0960 0x2940 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:21:39.0970 0x2940 LSI_SAS - ok 18:21:39.0997 0x2940 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 
C:\Windows\system32\drivers\lsi_sas2.sys 18:21:40.0007 0x2940 LSI_SAS2 - ok 18:21:40.0029 0x2940 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:21:40.0039 0x2940 LSI_SCSI - ok 18:21:40.0049 0x2940 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 18:21:40.0103 0x2940 luafv - ok 18:21:40.0152 0x2940 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:21:40.0160 0x2940 MBAMProtector - ok 18:21:40.0345 0x2940 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 18:21:40.0474 0x2940 MBAMScheduler - ok 18:21:40.0578 0x2940 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 18:21:40.0609 0x2940 MBAMService - ok 18:21:40.0705 0x2940 [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 18:21:40.0725 0x2940 MBAMSwissArmy - ok 18:21:40.0772 0x2940 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 18:21:40.0790 0x2940 MBAMWebAccessControl - ok 18:21:40.0816 0x2940 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:21:40.0828 0x2940 Mcx2Svc - ok 18:21:40.0851 0x2940 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas 
C:\Windows\system32\drivers\megasas.sys 18:21:40.0859 0x2940 megasas - ok 18:21:40.0897 0x2940 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:21:40.0909 0x2940 MegaSR - ok 18:21:40.0965 0x2940 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 18:21:40.0975 0x2940 MEIx64 - ok 18:21:41.0013 0x2940 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 18:21:41.0050 0x2940 MMCSS - ok 18:21:41.0074 0x2940 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 18:21:41.0100 0x2940 Modem - ok 18:21:41.0117 0x2940 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:21:41.0143 0x2940 monitor - ok 18:21:41.0174 0x2940 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:21:41.0182 0x2940 mouclass - ok 18:21:41.0214 0x2940 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:21:41.0261 0x2940 mouhid - ok 18:21:41.0287 0x2940 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:21:41.0296 0x2940 mountmgr - ok 18:21:41.0347 0x2940 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:21:41.0362 0x2940 MozillaMaintenance - ok 18:21:41.0410 0x2940 [ 
A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 18:21:41.0420 0x2940 mpio - ok 18:21:41.0436 0x2940 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:21:41.0471 0x2940 mpsdrv - ok 18:21:41.0513 0x2940 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:21:41.0568 0x2940 MpsSvc - ok 18:21:41.0620 0x2940 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:21:41.0656 0x2940 MRxDAV - ok 18:21:41.0700 0x2940 [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:21:41.0745 0x2940 mrxsmb - ok 18:21:41.0813 0x2940 [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:21:41.0832 0x2940 mrxsmb10 - ok 18:21:41.0882 0x2940 [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:21:41.0903 0x2940 mrxsmb20 - ok 18:21:41.0944 0x2940 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 18:21:41.0953 0x2940 msahci - ok 18:21:42.0000 0x2940 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:21:42.0021 0x2940 msdsm - ok 18:21:42.0040 0x2940 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 18:21:42.0068 0x2940 MSDTC - ok 
18:21:42.0114 0x2940 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:21:42.0172 0x2940 Msfs - ok 18:21:42.0189 0x2940 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:21:42.0241 0x2940 mshidkmdf - ok 18:21:42.0287 0x2940 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:21:42.0303 0x2940 msisadrv - ok 18:21:42.0333 0x2940 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:21:42.0375 0x2940 MSiSCSI - ok 18:21:42.0378 0x2940 msiserver - ok 18:21:42.0438 0x2940 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:21:42.0501 0x2940 MSKSSRV - ok 18:21:42.0537 0x2940 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:21:42.0591 0x2940 MSPCLOCK - ok 18:21:42.0631 0x2940 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:21:42.0672 0x2940 MSPQM - ok 18:21:42.0719 0x2940 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:21:42.0752 0x2940 MsRPC - ok 18:21:42.0829 0x2940 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:21:42.0847 0x2940 mssmbios - ok 18:21:42.0857 0x2940 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD 
] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:21:42.0890 0x2940 MSTEE - ok 18:21:42.0907 0x2940 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:21:42.0916 0x2940 MTConfig - ok 18:21:42.0937 0x2940 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 18:21:42.0946 0x2940 Mup - ok 18:21:43.0014 0x2940 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 18:21:43.0029 0x2940 MyWiFiDHCPDNS - ok 18:21:43.0128 0x2940 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 18:21:43.0193 0x2940 napagent - ok 18:21:43.0225 0x2940 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:21:43.0244 0x2940 NativeWifiP - ok 18:21:43.0349 0x2940 [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 18:21:43.0365 0x2940 NAUpdate - ok 18:21:43.0438 0x2940 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 18:21:43.0462 0x2940 NDIS - ok 18:21:43.0485 0x2940 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:21:43.0521 0x2940 NdisCap - ok 18:21:43.0531 0x2940 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:21:43.0556 0x2940 NdisTapi - ok 18:21:43.0586 0x2940 [ 
136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:21:43.0612 0x2940 Ndisuio - ok 18:21:43.0640 0x2940 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:21:43.0674 0x2940 NdisWan - ok 18:21:43.0702 0x2940 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:21:43.0742 0x2940 NDProxy - ok 18:21:43.0762 0x2940 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:21:43.0809 0x2940 NetBIOS - ok 18:21:43.0892 0x2940 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:21:43.0958 0x2940 NetBT - ok 18:21:43.0975 0x2940 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon C:\Windows\system32\lsass.exe 18:21:43.0997 0x2940 Netlogon - ok 18:21:44.0026 0x2940 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 18:21:44.0058 0x2940 Netman - ok 18:21:44.0142 0x2940 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:21:44.0159 0x2940 NetMsmqActivator - ok 18:21:44.0174 0x2940 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:21:44.0189 0x2940 NetPipeActivator - ok 18:21:44.0234 0x2940 [ 5F28111C648F1E24F7DBC87CDEB091B8, 
2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 18:21:44.0283 0x2940 netprofm - ok 18:21:44.0308 0x2940 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:21:44.0320 0x2940 NetTcpActivator - ok 18:21:44.0408 0x2940 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:21:44.0430 0x2940 NetTcpPortSharing - ok 18:21:44.0882 0x2940 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB, 74E975F3BF39B360C466A0CEEEF545D1B814EE1AEFF6B2FCDD81A33FA276FBF3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 18:21:45.0108 0x2940 NETwNs64 - ok 18:21:45.0163 0x2940 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:21:45.0171 0x2940 nfrd960 - ok 18:21:45.0234 0x2940 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 18:21:45.0275 0x2940 NlaSvc - ok 18:21:45.0478 0x2940 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe 18:21:45.0545 0x2940 NOBU - ok 18:21:45.0557 0x2940 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:21:45.0583 0x2940 Npfs - ok 18:21:45.0656 0x2940 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 18:21:45.0698 0x2940 nsi - ok 18:21:45.0725 0x2940 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys 18:21:45.0751 0x2940 nsiproxy - ok 18:21:45.0848 0x2940 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:21:45.0893 0x2940 Ntfs - ok 18:21:45.0911 0x2940 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 18:21:45.0955 0x2940 Null - ok 18:21:45.0969 0x2940 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:21:45.0980 0x2940 nvraid - ok 18:21:46.0037 0x2940 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:21:46.0057 0x2940 nvstor - ok 18:21:46.0073 0x2940 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:21:46.0083 0x2940 nv_agp - ok 18:21:46.0134 0x2940 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:21:46.0145 0x2940 ohci1394 - ok 18:21:46.0225 0x2940 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:21:46.0246 0x2940 ose - ok 18:21:46.0552 0x2940 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:21:46.0646 0x2940 osppsvc - ok 18:21:46.0719 0x2940 OverwolfUpdaterService - ok 18:21:46.0766 0x2940 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 
18:21:46.0805 0x2940 p2pimsvc - ok 18:21:46.0886 0x2940 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:21:46.0917 0x2940 p2psvc - ok 18:21:46.0944 0x2940 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 18:21:46.0975 0x2940 Parport - ok 18:21:46.0999 0x2940 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:21:47.0008 0x2940 partmgr - ok 18:21:47.0043 0x2940 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:21:47.0080 0x2940 PcaSvc - ok 18:21:47.0145 0x2940 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:21:47.0170 0x2940 pci - ok 18:21:47.0224 0x2940 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 18:21:47.0242 0x2940 pciide - ok 18:21:47.0275 0x2940 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:21:47.0286 0x2940 pcmcia - ok 18:21:47.0309 0x2940 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:21:47.0318 0x2940 pcw - ok 18:21:47.0414 0x2940 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:21:47.0461 0x2940 PEAUTH - ok 18:21:47.0622 0x2940 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 
18:21:47.0654 0x2940 PerfHost - ok 18:21:47.0735 0x2940 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:21:47.0808 0x2940 pla - ok 18:21:47.0885 0x2940 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:21:47.0923 0x2940 PlugPlay - ok 18:21:47.0937 0x2940 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:21:47.0967 0x2940 PNRPAutoReg - ok 18:21:47.0985 0x2940 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:21:48.0002 0x2940 PNRPsvc - ok 18:21:48.0055 0x2940 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:21:48.0089 0x2940 PolicyAgent - ok 18:21:48.0123 0x2940 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll 18:21:48.0158 0x2940 Power - ok 18:21:48.0179 0x2940 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:21:48.0220 0x2940 PptpMiniport - ok 18:21:48.0232 0x2940 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 18:21:48.0249 0x2940 Processor - ok 18:21:48.0312 0x2940 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 18:21:48.0382 0x2940 ProfSvc - ok 18:21:48.0403 0x2940 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage 
C:\Windows\system32\lsass.exe 18:21:48.0419 0x2940 ProtectedStorage - ok 18:21:48.0440 0x2940 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:21:48.0466 0x2940 Psched - ok 18:21:48.0516 0x2940 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys 18:21:48.0523 0x2940 PSI - ok 18:21:48.0562 0x2940 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:21:48.0570 0x2940 PxHlpa64 - ok 18:21:48.0723 0x2940 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:21:48.0758 0x2940 ql2300 - ok 18:21:48.0792 0x2940 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:21:48.0802 0x2940 ql40xx - ok 18:21:48.0845 0x2940 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:21:48.0871 0x2940 QWAVE - ok 18:21:48.0904 0x2940 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:21:48.0974 0x2940 QWAVEdrv - ok 18:21:49.0010 0x2940 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:21:49.0035 0x2940 RasAcd - ok 18:21:49.0136 0x2940 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:21:49.0192 0x2940 RasAgileVpn - ok 18:21:49.0226 0x2940 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 
60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:21:49.0287 0x2940 RasAuto - ok 18:21:49.0321 0x2940 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:21:49.0445 0x2940 Rasl2tp - ok 18:21:49.0470 0x2940 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 18:21:49.0509 0x2940 RasMan - ok 18:21:49.0525 0x2940 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:21:49.0567 0x2940 RasPppoe - ok 18:21:49.0583 0x2940 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:21:49.0639 0x2940 RasSstp - ok 18:21:49.0663 0x2940 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:21:49.0693 0x2940 rdbss - ok 18:21:49.0714 0x2940 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:21:49.0731 0x2940 rdpbus - ok 18:21:49.0745 0x2940 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:21:49.0786 0x2940 RDPCDD - ok 18:21:49.0807 0x2940 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:21:49.0833 0x2940 RDPENCDD - ok 18:21:49.0853 0x2940 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:21:49.0879 0x2940 RDPREFMP - ok 18:21:49.0928 
0x2940 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:21:49.0988 0x2940 RDPWD - ok 18:21:50.0003 0x2940 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:21:50.0015 0x2940 rdyboost - ok 18:21:50.0110 0x2940 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 18:21:50.0163 0x2940 RegSrvc - ok 18:21:50.0224 0x2940 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:21:50.0253 0x2940 RemoteAccess - ok 18:21:50.0358 0x2940 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:21:50.0433 0x2940 RemoteRegistry - ok 18:21:50.0578 0x2940 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 18:21:50.0593 0x2940 RFCOMM - ok 18:21:50.0636 0x2940 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:21:50.0706 0x2940 RpcEptMapper - ok 18:21:50.0720 0x2940 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 18:21:50.0730 0x2940 RpcLocator - ok 18:21:50.0772 0x2940 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 18:21:50.0806 0x2940 RpcSs - ok 18:21:50.0874 0x2940 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr 
C:\Windows\system32\DRIVERS\rspndr.sys 18:21:50.0905 0x2940 rspndr - ok 18:21:50.0945 0x2940 [ 40817D2DA49866C55781DB7601ABCEC1, 6E92573A4CFA701C5359849BD7502D2716165A154B2FC3BE0EDD1CF7D9452ABB ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys 18:21:50.0958 0x2940 RSUSBVSTOR - ok 18:21:51.0014 0x2940 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 18:21:51.0034 0x2940 RTL8167 - ok 18:21:51.0049 0x2940 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs C:\Windows\system32\lsass.exe 18:21:51.0071 0x2940 SamSs - ok 18:21:51.0089 0x2940 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:21:51.0099 0x2940 sbp2port - ok 18:21:51.0120 0x2940 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:21:51.0150 0x2940 SCardSvr - ok 18:21:51.0177 0x2940 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:21:51.0222 0x2940 scfilter - ok 18:21:51.0262 0x2940 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 18:21:51.0307 0x2940 Schedule - ok 18:21:51.0423 0x2940 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:21:51.0449 0x2940 SCPolicySvc - ok 18:21:51.0471 0x2940 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:21:51.0494 0x2940 SDRSVC - ok 18:21:51.0541 0x2940 [ 3EA8A16169C26AFBEB544E0E48421186, 
34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:21:51.0567 0x2940 secdrv - ok 18:21:51.0594 0x2940 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 18:21:51.0628 0x2940 seclogon - ok 18:21:51.0755 0x2940 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 18:21:51.0786 0x2940 Secunia PSI Agent - ok 18:21:52.0014 0x2940 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 18:21:52.0066 0x2940 Secunia Update Agent - ok 18:21:52.0097 0x2940 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 18:21:52.0164 0x2940 SENS - ok 18:21:52.0251 0x2940 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:21:52.0289 0x2940 SensrSvc - ok 18:21:52.0305 0x2940 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 18:21:52.0324 0x2940 Serenum - ok 18:21:52.0360 0x2940 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 18:21:52.0391 0x2940 Serial - ok 18:21:52.0411 0x2940 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:21:52.0420 0x2940 sermouse - ok 18:21:52.0541 0x2940 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 
18:22:29.0462 0x2940 PDFPrint - ok
18:22:29.0563 0x2940 Dropbox - ok
18:22:29.0730 0x2940 [ 48F63FA958EBD9535A4096421BD56A82, F870BBB70F350308CB00555AB8698566B422BD0C1FE10569331F9696F70863FB ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
18:22:29.0764 0x2940 Bitdefender-Geldbörse-Agent - ok
18:22:29.0766 0x2940 Adobe Speed Launcher - ok
18:22:29.0766 0x2940 Waiting for KSN requests completion. In queue: 2
18:22:30.0766 0x2940 Waiting for KSN requests completion. In queue: 2
18:22:31.0766 0x2940 Waiting for KSN requests completion. In queue: 2
18:22:33.0100 0x2940 AV detected via SS2: Bitdefender-Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.1.0.33 ), 0x41000 ( enabled : updated )
18:22:33.0104 0x2940 FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.1.0.33 ), 0x41010 ( enabled )
18:22:35.0878 0x2940 ============================================================
18:22:35.0878 0x2940 Scan finished
18:22:35.0878 0x2940 ============================================================
18:22:35.0884 0x2754 Detected object count: 1
18:22:35.0884 0x2754 Actual detected object count: 1
18:23:30.0053 0x2754 Dell Webcam Central ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:30.0053 0x2754 Dell Webcam Central ( UnsignedFile.Multi.Generic ) - User select action: Skip

I now have another problem as well: Malwarebytes reports that my system is not fully protected. Specifically, under real-time protection it says that protection against malicious websites is disabled, while malware protection is supposedly active. Bitdefender reports that my real-time protection for files is disabled, and I cannot fix it. This has only been the case since I ran the scans above, though. Did I do something wrong? Best regards, Sandra |
31.08.2015, 07:17 | #7 |
/// the machine /// TB Trainer | Possible problem Nope. I also wouldn't know why MBAM would shoot itself down. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
31.08.2015, 17:05 | #8 |
| Possible problem Hello, this is what came out: Code:
ATTFilter ComboFix 15-08-31.01 - **** 31.08.2015 17:45:57.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8054.5457 [GMT 2:00] ausgeführt von:: c:\users\****\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1441035480.10356.bin c:\programdata\1441035480.10940.bin c:\programdata\1441035480.8256.bin c:\programdata\1441035480.8396.bin c:\users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzovoc.dll c:\windows\security\logs\scecomp.log . . ((((((((((((((((((((((( Dateien erstellt von 2015-07-28 bis 2015-08-31 )))))))))))))))))))))))))))))) . . 2015-08-27 19:21 . 2015-05-29 07:50 271272 ----a-w- c:\windows\system32\drivers\avchv.sys 2015-08-27 19:15 . 2015-08-27 19:27 -------- d-----w- c:\users\****\AppData\Roaming\Bitdefender 2015-08-27 19:11 . 2015-08-27 19:27 -------- d-----w- c:\programdata\Bitdefender 2015-08-27 17:52 . 2015-08-27 17:54 -------- d-----w- C:\FRST 2015-08-27 17:44 . 2015-08-27 18:34 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2015-08-27 00:51 . 2015-08-27 00:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80E6E9A3-5311-4F87-9BAD-24403860E960}\offreg.2996.dll 2015-08-25 18:07 . 2015-07-31 09:21 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80E6E9A3-5311-4F87-9BAD-24403860E960}\mpengine.dll 2015-08-19 18:00 . 2015-08-11 01:20 25191936 ----a-w- c:\windows\system32\mshtml.dll 2015-08-19 18:00 . 2015-08-11 01:14 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2015-08-19 18:00 . 2015-08-11 00:33 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-08-12 18:20 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 18:20 . 
2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 17:55 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll 2015-08-12 17:53 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll 2015-08-12 17:52 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-08-31 15:52 . 2014-05-26 20:40 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-08-28 16:17 . 2014-05-26 19:31 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-12 18:02 . 2012-09-27 15:56 132483416 ----a-w- c:\windows\system32\MRT.exe 2015-08-12 17:31 . 2012-09-12 10:07 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-12 17:31 . 2012-09-12 10:07 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-07-15 17:54 . 2015-08-12 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-07-04 18:07 . 2015-07-15 18:37 2087424 ----a-w- c:\windows\system32\ole32.dll 2015-07-04 17:48 . 2015-07-15 18:37 1414656 ----a-w- c:\windows\SysWow64\ole32.dll 2015-06-23 23:29 . 2015-06-23 23:29 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL 2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe 2015-06-18 06:41 . 2014-05-26 19:31 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-06-18 06:41 . 2013-07-03 12:57 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-06-17 17:47 . 2015-07-15 18:39 404992 ----a-w- c:\windows\system32\gdi32.dll 2015-06-17 17:37 . 2015-07-15 18:39 312320 ----a-w- c:\windows\SysWow64\gdi32.dll 2015-06-15 21:50 . 2015-07-15 18:36 112064 ----a-w- c:\windows\system32\consent.exe 2015-06-15 21:45 . 2015-07-15 18:36 504320 ----a-w- c:\windows\system32\msihnd.dll 2015-06-15 21:45 . 2015-07-15 18:36 3242496 ----a-w- c:\windows\system32\msi.dll 2015-06-15 21:45 . 
2015-07-15 18:36 70656 ----a-w- c:\windows\system32\appinfo.dll 2015-06-15 21:45 . 2015-07-15 18:36 1941504 ----a-w- c:\windows\system32\authui.dll 2015-06-15 21:44 . 2015-07-15 18:36 128000 ----a-w- c:\windows\system32\msiexec.exe 2015-06-15 21:43 . 2015-07-15 18:36 337408 ----a-w- c:\windows\SysWow64\msihnd.dll 2015-06-15 21:43 . 2015-07-15 18:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll 2015-06-15 21:43 . 2015-07-15 18:36 1805824 ----a-w- c:\windows\SysWow64\authui.dll 2015-06-15 21:42 . 2015-07-15 18:36 73216 ----a-w- c:\windows\SysWow64\msiexec.exe 2015-06-15 21:42 . 2015-07-15 18:36 25088 ----a-w- c:\windows\system32\msimsg.dll 2015-06-15 21:37 . 2015-07-15 18:36 25088 ----a-w- c:\windows\SysWow64\msimsg.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-26 636032] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2012-03-06 577024] "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472] "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2012-03-27 76872] "NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-03-10 66872] "AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512] "ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2013-05-14 139264] "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-12-27 4522496] "BrHelp"="c:\program files (x86)\Brother\Brother Help\BrotherHelp.exe" [2013-01-18 2009088] "PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-11-28 193568] "Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-08-05 39179912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2014-11-28 591576] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableSecureUIAPath"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/09/12 05:50;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x] R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x] R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x] R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x] R3 
dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 
Organizer\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files 
(x86)\Nero\Update\NASvc.exe [x] S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x] S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x] S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 
intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - CLKMDRV10_9EC60124 . Inhalt des "geplante Tasks" Ordners . 2015-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-12 17:31] . 2015-08-31 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job - c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-22 19:57] . 2015-08-31 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job - c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-22 19:57] . 2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24 15:59] . 2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24 15:59] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-03-14 2894640] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] "SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2012-02-21 1654400] "IntelTBRunOnce"="wscript.exe" [2013-10-12 168960] "BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-05-15 11406608] "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824] "Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm mDefault_Page_URL = hxxp://www.google.com IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\ FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - hxxp://www.google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.18" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-08-31 17:58:54 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-08-31 15:58 . Vor Suchlauf: 14 Verzeichnis(se), 262.979.944.448 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 263.209.897.984 Bytes frei . - - End Of File - - F7E4D3CCB431184EE78FA21420E6D744 Exception EAccessViolation in module ERUNT.3XE at 00003A38. Access violation at address 00403A38 in module ERUNT.3XE. 
Read of address 0076005D.
Best regards, Sandra |
01.09.2015, 06:33 | #9 |
/// the machine /// TB Trainer | Possible problem Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.09.2015, 17:38 | #10 |
| Possible problem Hello schrauber, here are the logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.09.2015 Suchlaufzeit: 17:34 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.01.04 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: **** Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 377853 Abgelaufene Zeit: 14 Min., 52 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUserF1D784E83F034B9C98DDEF0877F219F7, Löschen bei Neustart, [6850f634a2e9d66029b2a3ff62a27789], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce49024DD6018D45EE8F336FA56661951C, Löschen bei Neustart, [4c6cc96147442e08ac2f871b13f160a0], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 18:28:38
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : **** - ****-PC
# Gestartet von : C:\Users\****\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\Free FLV Converter
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [958 Bytes] ##########
|
02.09.2015, 17:25 | #11 |
/// the machine /// TB Trainer | Possible problem Something is still missing
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.09.2015, 18:12 | #12 |
| Possible problem Oh, I completely overlooked that. Here you go: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by **** on 03.09.2015 at 18:47:32,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\esellerate
~~~ FireFox
Emptied folder: C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\v3y2x47w.default\minidumps [6 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2015 at 18:50:42,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von **** (Administrator) auf ****-PC (03-09-2015 18:59:30) Gestartet von C:\Users\****\Desktop Geladene Profile: **** (Verfügbare Profile: ****) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-22] (Conexant Systems, Inc.) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] () HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.) 
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [76872 2012-03-27] (cyberlink) HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-03-11] () HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] () HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-06] (Dropbox, Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\RunOnce: [Adobe Speed Launcher] => 1441125082 ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-01-07] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{74EF4DF4-F545-4B24-97D4-53AEC75D7B98}: [DhcpNameServer] 141.53.10.4 141.53.10.5 Tcpip\..\Interfaces\{7AC580F9-788B-43B5-9282-B1715F577528}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{BAF2DFBA-5D02-4D65-B321-5EA1F317205E}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1476551734-19124195-2179231302-1000 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default FF SelectedSearchEngine: FF Homepage: hxxp://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media 
Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-images.xml [2014-09-14] FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-maps.xml [2014-09-14] FF Extension: Cliqz - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\cliqz@cliqz.com.xpi [2014-11-20] FF Extension: YouTube Video and Audio Downloader - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-01-10] FF Extension: Media Converter and Muxer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2015-01-10] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-05] FF HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [242448 2012-03-27] (CyberLink) S2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2012-05-18] (Conexant Systems, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.) S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [Datei ist nicht signiert] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-03 18:58 - 2015-09-03 18:58 - 00000000 ____D C:\Users\****\Desktop\FRST-OlderVersion 2015-09-03 18:50 - 2015-09-03 18:50 - 00000902 _____ C:\Users\****\Desktop\JRT.txt 2015-09-03 18:46 - 2015-09-03 18:46 - 01799392 _____ (Malwarebytes Corporation) C:\Users\****\Desktop\JRT_7600.exe 2015-09-01 18:33 - 2015-09-01 18:33 - 00001034 _____ C:\Users\****\Desktop\AdwCleaner[C1].txt 2015-09-01 18:17 - 2015-09-01 18:28 - 00000000 ____D C:\AdwCleaner 2015-09-01 18:12 - 2015-09-01 18:12 - 01654272 _____ C:\Users\****\Desktop\AdwCleaner_5.005.exe 2015-09-01 18:07 - 2015-09-01 18:07 - 00001602 _____ C:\Users\****\Desktop\mbam.txt 2015-09-01 17:23 - 2015-09-01 17:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\****\Desktop\mbam-setup-2.1.8.1057.exe 2015-08-31 17:58 - 2015-08-31 17:58 - 00030822 _____ C:\ComboFix.txt 2015-08-31 17:44 - 2015-08-31 17:58 - 00000000 ____D C:\Qoobox 2015-08-31 17:44 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-08-31 17:44 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-08-31 17:44 - 2009-04-20 06:56 - 00060416 
_____ (NirSoft) C:\Windows\NIRCMD.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-08-31 17:35 - 2015-08-31 17:36 - 05635666 ____R (Swearware) C:\Users\****\Desktop\ComboFix.exe 2015-08-31 17:34 - 2015-08-31 17:34 - 00114146 _____ C:\Users\****\Desktop\zeug.txt 2015-08-30 18:18 - 2015-08-30 18:18 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\****\Desktop\tdsskiller.exe 2015-08-28 18:34 - 2015-08-31 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-28 18:08 - 2015-08-28 18:17 - 00000000 ____D C:\Users\****\Desktop\mbar 2015-08-28 18:06 - 2015-08-28 18:06 - 16563304 _____ (Malwarebytes Corp.) C:\Users\****\Desktop\mbar-1.09.2.1008.exe 2015-08-27 21:21 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2015-08-27 21:15 - 2015-08-27 21:27 - 00000000 ____D C:\Users\****\AppData\Roaming\Bitdefender 2015-08-27 21:11 - 2015-08-27 21:27 - 00000000 ____D C:\ProgramData\Bitdefender 2015-08-27 21:10 - 2015-08-27 21:10 - 02868496 _____ C:\Users\****\Downloads\bitdefender_tsecurity(1).exe 2015-08-27 21:05 - 2015-08-27 21:06 - 00003832 _____ C:\Users\****\Desktop\ Malwarebytes Anti-Malware .txt 2015-08-27 20:31 - 2015-08-27 20:57 - 00062936 _____ C:\Users\****\Desktop\GMER.txt 2015-08-27 19:56 - 2015-08-27 19:56 - 00380416 _____ C:\Users\****\Desktop\Gmer-19357.exe 2015-08-27 19:53 - 2015-08-27 20:50 - 00046897 _____ C:\Users\****\Desktop\Addition.txt 2015-08-27 19:52 - 2015-08-27 19:53 - 00028611 _____ C:\Users\*****\Desktop\FRST.txt 2015-08-27 19:52 - 2015-08-27 19:53 - 00000000 ____D C:\FRST 2015-08-27 19:51 - 2015-08-27 19:52 - 02186752 _____ (Farbar) 
C:\Users\*****\Desktop\FRST64.exe 2015-08-27 19:49 - 2015-08-27 19:49 - 00000474 _____ C:\Users\*****\Desktop\defogger_disable.log 2015-08-27 19:49 - 2015-08-27 19:49 - 00000000 _____ C:\Users\*****\defogger_reenable 2015-08-27 19:48 - 2015-08-27 19:48 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe 2015-08-19 20:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 20:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 20:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-19 20:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-17 19:14 - 2015-08-18 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-13 17:14 - 2015-08-13 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-12 20:20 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:20 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:03 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 20:03 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 20:03 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 20:03 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 20:03 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 20:03 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 20:03 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2015-08-12 20:03 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 20:03 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 20:03 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 20:03 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 20:03 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 20:03 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 20:03 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 20:03 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 20:03 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 20:03 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 20:03 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 20:03 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 20:03 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 20:03 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 20:03 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 20:03 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 20:03 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 20:03 - 2015-07-16 21:51 - 00062464 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 20:03 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 20:03 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 20:03 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 20:03 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 20:03 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 20:03 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 20:03 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 20:03 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 20:03 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 20:03 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 20:03 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 20:03 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 20:03 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 20:03 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 20:03 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 20:03 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 20:03 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 20:03 - 2015-07-16 21:20 - 00168960 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 20:03 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 20:03 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 20:03 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 20:03 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 20:03 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 20:03 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 20:03 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 20:03 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 20:03 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 20:03 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 20:03 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 20:03 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 20:03 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 19:55 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 19:55 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 19:55 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 19:55 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 19:55 - 2015-07-28 22:05 - 00437760 _____ (Microsoft 
Corporation) C:\Windows\system32\devinv.dll 2015-08-12 19:55 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 19:55 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 19:55 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 19:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 19:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 19:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 19:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 19:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 19:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 19:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 19:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 19:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 19:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) 
C:\Windows\system32\kerberos.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 19:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 19:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 19:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 19:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 
19:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 19:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 19:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 19:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 19:55 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 19:55 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 19:55 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 19:55 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 19:55 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 19:55 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 19:55 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 19:55 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 19:55 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 19:55 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 19:55 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 19:55 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 19:55 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 19:55 - 
2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 19:55 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 19:55 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 19:55 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 19:55 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 19:55 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 19:55 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 19:55 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 19:55 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 
19:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 
2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 19:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 19:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 19:55 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 19:55 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 19:55 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 19:55 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 19:55 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 19:55 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 19:55 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 19:55 - 2015-07-10 19:34 - 03221504 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 19:55 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 19:55 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 19:53 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 19:53 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 19:53 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 19:53 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 19:53 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 19:53 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 19:53 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 19:53 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 19:53 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 19:53 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 19:53 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 19:53 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 19:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 19:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 19:53 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 19:53 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) 
C:\Windows\system32\davclnt.dll 2015-08-12 19:53 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 19:53 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 19:52 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 19:52 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 19:52 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 19:52 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 19:52 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 19:52 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 19:52 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 19:52 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 19:52 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 19:52 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 19:52 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 19:52 - 
2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 19:52 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 19:52 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 19:52 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 19:52 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 19:52 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 19:52 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 19:52 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 19:52 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 19:52 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 19:52 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 20:55 - 2015-08-18 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak 2015-08-10 19:37 - 2015-08-10 19:38 - 01062832 _____ C:\Windows\Minidump\081015-25708-01.dmp 2015-07-28 18:40 - 2015-07-28 18:40 - 00003518 _____ 
C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 2015-07-28 18:40 - 2015-07-28 18:40 - 00000000 ____D C:\Program Files\Common Files\AV ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-03 18:55 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-03 18:55 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-03 18:53 - 2012-09-12 12:04 - 01938334 _____ C:\Windows\WindowsUpdate.log 2015-09-03 18:43 - 2015-06-22 21:57 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-09-03 18:43 - 2014-12-24 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-03 18:43 - 2014-12-24 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-03 18:42 - 2014-05-26 22:40 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-03 18:42 - 2012-09-12 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-02 20:18 - 2015-06-22 21:57 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-01 18:31 - 2015-06-22 22:30 - 00000000 ___RD C:\Users\****\Dropbox 2015-09-01 18:31 - 2015-06-22 21:57 - 00000000 ____D C:\Users\****\AppData\Local\Dropbox 2015-09-01 18:31 - 2012-09-12 12:43 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2015-09-01 18:31 - 2012-09-12 12:43 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks 2015-09-01 18:31 - 2012-09-12 12:35 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2015-09-01 18:29 - 2010-11-21 05:47 - 01297644 _____ C:\Windows\PFRO.log 2015-09-01 18:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-01 18:29 - 2009-07-14 
06:51 - 00081850 _____ C:\Windows\setupact.log 2015-09-01 17:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PLA 2015-09-01 17:31 - 2014-05-26 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-01 17:31 - 2014-05-26 21:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-01 17:31 - 2013-07-03 14:57 - 00001104 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-31 17:53 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-08-31 17:52 - 2012-09-19 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-31 17:51 - 2015-01-04 21:07 - 00000000 ____D C:\Windows\erdnt 2015-08-30 22:42 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat 2015-08-30 22:42 - 2010-11-21 08:50 - 00149774 _____ C:\Windows\system32\perfc007.dat 2015-08-30 22:42 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-30 22:39 - 2012-11-24 03:59 - 00000000 ____D C:\Users\****\AppData\Roaming\vlc 2015-08-30 22:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-28 18:00 - 2014-12-24 09:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-28 18:00 - 2014-12-24 09:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-27 21:11 - 2014-11-20 21:59 - 00000000 ____D C:\Program Files\Bitdefender 2015-08-27 21:11 - 2012-09-19 13:12 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-08-27 21:10 - 2015-01-07 21:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster 2015-08-27 19:49 - 2012-09-19 12:49 - 00000000 ____D C:\Users\**** 2015-08-15 23:21 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther 2015-08-15 23:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT 2015-08-13 18:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 17:14 - 2015-06-22 21:57 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-08-13 
05:59 - 2013-03-16 09:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 05:59 - 2013-03-16 09:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-13 05:59 - 2009-07-14 06:45 - 00415752 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 00:42 - 2014-12-24 08:36 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 00:42 - 2014-05-06 20:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-12 22:58 - 2012-12-30 18:12 - 00000000 ____D C:\Users\****\AppData\Roaming\dvdcss 2015-08-12 20:20 - 2013-03-16 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 20:17 - 2012-09-29 15:06 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 20:12 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini 2015-08-12 20:11 - 2013-08-10 17:15 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 20:02 - 2012-09-27 17:56 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 19:31 - 2012-09-12 12:07 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 19:31 - 2012-09-12 12:07 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-12 19:31 - 2012-09-12 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-10 19:37 - 2015-05-13 11:13 - 928242780 _____ C:\Windows\MEMORY.DMP 2015-08-10 19:37 - 2014-07-08 19:14 - 00000000 ____D C:\Windows\Minidump ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\****\AppData\Local\bass.dll 2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\****\AppData\Local\basscd.dll 2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\****\AppData\Local\CDRip.dll 2012-09-22 22:49 - 2014-04-06 15:19 - 0035328 _____ () 
C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\****\AppData\Local\No23 Recorder.exe 2013-02-14 20:29 - 2015-01-31 09:52 - 0001473 _____ () C:\Users\****\AppData\Local\RecConfig.xml Einige Dateien in TEMP: ==================== C:\Users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4ms22.dll C:\Users\****\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-01 00:12 ==================== Ende von FRST.txt ============================ |
04.09.2015, 17:33 | #13 |
/// the machine /// TB trainer | Possible problem: ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
05.09.2015, 09:04 | #14 |
| Possible problem Hello, here are the logs: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=15ca1f8955077548bcbb817ef7dad6c9 # end=init # utc_time=2015-09-05 06:17:38 # local_time=2015-09-05 08:17:38 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 25613 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=15ca1f8955077548bcbb817ef7dad6c9 # end=updated # utc_time=2015-09-05 06:21:57 # local_time=2015-09-05 08:21:57 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=15ca1f8955077548bcbb817ef7dad6c9 # engine=25613 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-09-05 07:37:11 # local_time=2015-09-05 09:37:11 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 0 193068481 0 0 # scanned=276701 # found=6 # cleaned=0 # scan_time=4513 sh=7CCC11171F527DA865CE0FAE88C80539168CF518 ft=1 fh=e8dde50c5d3624b5 vn="Variante von Win32/Toolbar.SearchSuite.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\BearShareV10.exe" sh=03DA21B74F83A9FE9A67FD0CF757DC872AFB57FD ft=1 fh=9222a910f39c3089 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\Dropbox - CHIP-Installer.exe" sh=26E5F2D470E8D052B16F1159FDEC5ED6C90D8C58 ft=1 fh=f0fdb427319b39ef vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\Free YouTube to DVD Converter - CHIP-Installer.exe" sh=D8541E72714576FDE7B329CDFE30879A33C31DC0 ft=1 fh=81f1da0b8abccefb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\onlineTV - CHIP-Installer.exe" sh=F570500BDAB2A26A0B1818F09728A15C39E88463 ft=1 fh=63963b0a43431bae vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\PDF24 Creator - CHIP-Installer.exe" sh=B49883F9F0353B15AEE87E3BFA81E3055C3B2363 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\****\Downloads\wz175-64gev.msi" Code:
Results of screen317's Security Check version 1.008
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.10004)
Java 8 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.232
Adobe Reader XI
Mozilla Firefox (40.0.3)
Mozilla Thunderbird (38.2.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von ***** (Administrator) auf *****-PC (05-09-2015 10:01:34)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: ***** (Verfügbare Profile: *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\*****\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-22] (Conexant Systems, Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [76872 2012-03-27] (cyberlink)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-03-11] ()
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\RunOnce: [Adobe Speed Launcher] => 1441125082
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-01-07]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{74EF4DF4-F545-4B24-97D4-53AEC75D7B98}: [DhcpNameServer] 141.53.10.4 141.53.10.5 Tcpip\..\Interfaces\{7AC580F9-788B-43B5-9282-B1715F577528}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{BAF2DFBA-5D02-4D65-B321-5EA1F317205E}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1476551734-19124195-2179231302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1476551734-19124195-2179231302-1000 -> {295B9C87-9E71-4AEB-8860-AAB046CDF146} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default FF SelectedSearchEngine: FF Homepage: hxxp://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media 
Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-images.xml [2014-09-14] FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\searchplugins\google-maps.xml [2014-09-14] FF Extension: Cliqz - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\cliqz@cliqz.com.xpi [2014-11-20] FF Extension: YouTube Video and Audio Downloader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-01-10] FF Extension: Media Converter and Muxer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2015-01-10] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-05] FF HKU\S-1-5-21-1476551734-19124195-2179231302-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v3y2x47w.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [242448 2012-03-27] (CyberLink) S2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2012-05-18] (Conexant Systems, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.) S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [Datei ist nicht signiert] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-05 09:57 - 2015-09-05 09:57 - 00852704 _____ C:\Users\*****\Desktop\SecurityCheck.exe 2015-09-05 08:17 - 2015-09-05 08:17 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-05 08:14 - 2015-09-05 08:14 - 00000606 _____ C:\Users\*****\Desktop\JRT.txt 2015-09-05 08:07 - 2015-09-05 08:07 - 02870984 _____ (ESET) C:\Users\*****\Desktop\esetsmartinstaller_deu.exe 2015-09-05 03:10 - 2015-09-05 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-03 19:01 - 2015-09-03 19:10 - 00061583 _____ C:\Users\*****\Desktop\FRST2.txt 2015-09-03 18:58 - 2015-09-03 18:58 - 00000000 ____D C:\Users\*****\Desktop\FRST-OlderVersion 2015-09-03 18:46 - 2015-09-03 18:46 - 01799392 _____ (Malwarebytes Corporation) C:\Users\*****\Desktop\JRT_7600.exe 2015-09-01 18:33 - 2015-09-01 18:33 - 00001034 _____ C:\Users\*****\Desktop\AdwCleaner[C1].txt 2015-09-01 18:17 - 2015-09-01 18:28 - 00000000 ____D C:\AdwCleaner 2015-09-01 18:12 - 2015-09-01 18:12 - 01654272 _____ C:\Users\*****\Desktop\AdwCleaner_5.005.exe 2015-09-01 18:07 - 2015-09-01 18:07 - 
00001602 _____ C:\Users\*****\Desktop\mbam.txt 2015-09-01 17:23 - 2015-09-01 17:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\*****\Desktop\mbam-setup-2.1.8.1057.exe 2015-09-01 06:08 - 2015-09-01 06:08 - 05738637 _____ C:\Users\*****\Desktop\Such a Surge - Jetzt is Gut.mp4 2015-09-01 06:08 - 2015-09-01 06:08 - 02391594 _____ C:\Users\*****\Desktop\Such a Surge - Jetzt is Gut.m4a 2015-08-31 17:58 - 2015-08-31 17:58 - 00030822 _____ C:\ComboFix.txt 2015-08-31 17:44 - 2015-08-31 17:58 - 00000000 ____D C:\Qoobox 2015-08-31 17:44 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-08-31 17:44 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-08-31 17:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-08-31 17:44 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-08-31 17:35 - 2015-08-31 17:36 - 05635666 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe 2015-08-31 17:34 - 2015-08-31 17:34 - 00114146 _____ C:\Users\*****\Desktop\zeug.txt 2015-08-30 18:18 - 2015-08-30 18:18 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\*****\Desktop\tdsskiller.exe 2015-08-28 18:34 - 2015-08-31 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-28 18:08 - 2015-08-28 18:17 - 00000000 ____D C:\Users\*****\Desktop\mbar 2015-08-28 18:06 - 2015-08-28 18:06 - 16563304 _____ (Malwarebytes Corp.) 
C:\Users\*****\Desktop\mbar-1.09.2.1008.exe 2015-08-27 21:21 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2015-08-27 21:15 - 2015-08-27 21:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\Bitdefender 2015-08-27 21:11 - 2015-08-27 21:27 - 00000000 ____D C:\ProgramData\Bitdefender 2015-08-27 21:10 - 2015-08-27 21:10 - 02868496 _____ C:\Users\*****\Downloads\bitdefender_tsecurity(1).exe 2015-08-27 21:05 - 2015-08-27 21:06 - 00003832 _____ C:\Users\*****\Desktop\ Malwarebytes Anti-Malware .txt 2015-08-27 20:31 - 2015-08-27 20:57 - 00062936 _____ C:\Users\*****\Desktop\GMER.txt 2015-08-27 19:56 - 2015-08-27 19:56 - 00380416 _____ C:\Users\*****\Desktop\Gmer-19357.exe 2015-08-27 19:53 - 2015-08-27 20:50 - 00046897 _____ C:\Users\*****\Desktop\Addition.txt 2015-08-27 19:52 - 2015-09-05 10:01 - 00020676 _____ C:\Users\*****\Desktop\FRST.txt 2015-08-27 19:52 - 2015-09-05 10:01 - 00000000 ____D C:\FRST 2015-08-27 19:51 - 2015-09-03 18:58 - 02188800 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe 2015-08-27 19:49 - 2015-08-27 20:51 - 00000472 _____ C:\Users\*****\Desktop\defogger_disable.log 2015-08-27 19:49 - 2015-08-27 19:49 - 00000000 _____ C:\Users\*****\defogger_reenable 2015-08-27 19:48 - 2015-08-27 19:48 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe 2015-08-27 19:44 - 2015-08-27 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-08-26 22:50 - 2015-08-26 23:28 - 3087849472 _____ C:\Users\*****\Desktop\DVD_Video Titel 5 (1).mpg 2015-08-26 22:24 - 2015-08-26 22:27 - 90777375 _____ C:\Users\*****\Desktop\Sophias Homeworkout für schöne ♥ SCHULTERN ♥.mp4 2015-08-26 22:21 - 2015-08-26 22:23 - 51388919 _____ C:\Users\*****\Desktop\Klimmzüge richtig machen -- Training für Anfänger - WWW.SOPHIA-THIEL.DE.mp4 2015-08-26 22:16 - 2015-08-26 22:50 - 2961377280 _____ C:\Users\*****\Desktop\DVD_Video Titel 4.mpg 2015-08-24 22:20 - 2015-08-24 22:23 - 63724833 _____ C:\Users\*****\Desktop\PUSH UPS 
tutorial.Calisthenics Beginner Series.mp4 2015-08-24 22:09 - 2015-08-24 22:14 - 95659220 _____ C:\Users\*****\Desktop\Calisthenics Beginner Series Hip Mobility and Stretching.mp4 2015-08-24 17:08 - 2015-08-24 17:11 - 29696666 _____ C:\Users\*****\Desktop\3 Little-Known Techniques for Round Shoulders - Middle Deltoid Training.mp4 2015-08-22 07:11 - 2015-08-22 07:12 - 25322036 _____ C:\Users\*****\Desktop\Basic Bodyweight Training Requirements (맨몸운동 필수조건들).mp4 2015-08-19 20:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 20:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 20:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-19 20:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-19 18:26 - 2015-08-19 18:26 - 07463603 _____ C:\Users\*****\Desktop\Sia - Elastic Heart (Official Video).m4a 2015-08-19 18:24 - 2015-08-19 18:26 - 60886036 _____ C:\Users\*****\Desktop\Sia - Elastic Heart (Official Video).mp4 2015-08-18 20:47 - 2015-08-18 20:47 - 03497916 _____ C:\Users\*****\Desktop\Benny Benassi - 'Satisfaction' (Official Video).m4a 2015-08-18 20:43 - 2015-08-18 20:45 - 33593512 _____ C:\Users\*****\Desktop\Benny Benassi - 'Satisfaction' (Official Video).mp4 2015-08-16 22:22 - 2015-08-16 22:22 - 27622019 _____ C:\Users\*****\Desktop\Kittie - Spit (Full Album).m4a 2015-08-16 22:17 - 2015-08-16 22:18 - 29917578 _____ C:\Users\*****\Desktop\Kittie - In The Black (Full Album).m4a 2015-08-16 22:17 - 2015-08-16 22:17 - 45877691 _____ C:\Users\*****\Desktop\Kittie - Oracle (Full Album).m4a 2015-08-16 22:17 - 2015-08-16 22:17 - 29667134 _____ C:\Users\*****\Desktop\Kittie - Until The End (Full Album).m4a 2015-08-16 22:06 - 2015-08-16 22:13 - 66803965 _____ C:\Users\*****\Desktop\Kittie - Until The End (Full Album).mp4 2015-08-16 21:57 - 2015-08-16 22:00 - 80454883 
_____ C:\Users\*****\Desktop\Kittie - In The Black (Full Album).mp4 2015-08-16 21:51 - 2015-08-16 21:55 - 90226730 _____ C:\Users\*****\Desktop\Kittie - Oracle (Full Album).mp4 2015-08-16 21:38 - 2015-08-16 21:50 - 93434308 _____ C:\Users\*****\Desktop\Kittie - Spit (Full Album).mp4 2015-08-16 21:36 - 2015-08-16 21:36 - 05392546 _____ C:\Users\*****\Desktop\Kittie - Brackish (with lyrics).mp4 2015-08-15 07:57 - 2015-08-15 07:57 - 02935969 _____ C:\Users\*****\Desktop\Maxim - Carmen Queasy (feat. Skin) [HQ].m4a 2015-08-15 06:52 - 2015-08-15 06:53 - 17293229 _____ C:\Users\*****\Desktop\Maxim - Carmen Queasy (feat. Skin) [HQ].mp4 2015-08-12 23:53 - 2015-08-12 23:55 - 45397182 _____ C:\Users\*****\Desktop\Handstand Tutorial - How to learn a Handstand.mp4 2015-08-12 23:43 - 2015-08-12 23:44 - 38416870 _____ C:\Users\*****\Desktop\How To Planche - Beginner Tutorial.mp4 2015-08-12 23:39 - 2015-08-12 23:39 - 03551156 _____ C:\Users\*****\Desktop\Billy Idol - Don't You Forget About Me.m4a 2015-08-12 23:38 - 2015-08-12 23:39 - 13414933 _____ C:\Users\*****\Desktop\Billy Idol - Don't You Forget About Me.mp4 2015-08-12 20:20 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:20 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:03 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 20:03 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 20:03 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 20:03 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 20:03 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 20:03 - 2015-07-16 22:36 - 00417792 
==================== Ende von FRST.txt ============================ |
05.09.2015, 15:13 | #15 |
/// the machine /// TB trainer | Possible problem

Update Java.

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document

Code:
C:\Users\****\Downloads\BearShareV10.exe
C:\Users\****\Downloads\Dropbox - CHIP-Installer.exe
C:\Users\****\Downloads\Free YouTube to DVD Converter - CHIP-Installer.exe
C:\Users\****\Downloads\onlineTV - CHIP-Installer.exe
C:\Users\****\Downloads\PDF24 Creator - CHIP-Installer.exe
C:\Users\****\Downloads\wz175-64gev.msi

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Rethink your download habits: CHIP-Installer - what is it? - Guides

Cleanup: (The order is crucial here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.

All logs posted? Then please download DelFix.

Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over now, you can delete them without hesitation.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
On the Windows operating system, enable automatic updates. Security-relevant software should likewise always be present only in its latest version:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" simply when a manipulated website is visited. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can define, on the whitelist principle, which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with Adwarecleaner.

Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.

__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |