Pests of all kinds and how to combat them: Misclick at ww1.virus-total. de ee (Windows 7)

If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
22.10.2015, 20:57 | #1 |
Misclick at ww1.virus-total. de ee

Hi there. I wanted to check an exe and mistyped. Then I didn't look properly and clicked on the very low-contrast link. Now the following observations: Right afterwards the internet started acting up. Slow, stuttering to unplayable videos on YouTube, internet radio constantly dropping the connection, and finally a very strange tab in Chrome. At that point I still put it down to an overloaded Wi-Fi or internet connection. In the browser game DieSiedler a window also appeared that could only be confirmed with OK: guiicon_lib/deposit_corn.png. I closed the browser FF instead.

In Chrome, at the top right there are the minus for minimizing, the square for full screen and the cross for closing. To the left of this minus there is now a grey field with my Chrome login name and a yellow triangle with an exclamation mark. I clicked it and 3 new extensions wanted to install themselves one after another. There was also mention of an AmazonAddon. I have not installed one and don't want one either. Under Settings, Chrome now says: "Die Anmeldeinformationen für dieses Konto sind veraltet. Erneut anmelden." Not done (yet).

I had to do a Flash update twice. I can't say why or whether that led to oddities. I no longer trust my router and would like to reset it. Please tell me when the right time has come.

defogger: done
Gmer causes the PC to freeze.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01 durchgeführt von ***** (Administrator) auf *****(22-10-2015 20:42:54) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** (Verfügbare Profile: ***** & .NET v4.5 & .NET v4.5 Classic) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Ralink Technology, Corp.) 
C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (DEVGURU Co., LTD.) D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Microsoft Corporation) C:\Users\*****\AppData\Local\Snip\Snip.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) 
C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) 
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\*****\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.) 
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Snip] => C:\Users\*****\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0 ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-10-06] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-03-27] Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-10] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> 
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798 FF Homepage: hxxp://www.diesiedleronline.de/de/spielen FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] () FF Plugin: @docu-track.com/PDF-XChange Viewer 
Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Extension: LastPass - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26] FF Extension: Video AdBlock for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14] [ist nicht signiert] FF Extension: WOT - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09] FF Extension: ProxMate - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-06-01] FF Extension: uBlock Origin - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-10-21] FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-13] FF Extension: Adblock Plus - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: BetterPrivacy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-01] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","hxxp://www.trojaner-board.de/166488-re-infekt-malaha-net-diverse-beobachtungen.html" CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (NoScript Suite Lite) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-06-20] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (TV) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02] CHR Extension: (ColorZilla) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-08-05] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Meine IP-Adresse) - C:\Users\*****\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02]
CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22]
CHR Extension: (TrafficLight) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02]
CHR Extension: (Adblock für Youtube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-10-15]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02]
CHR Extension: (Best Utility Apps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02]
CHR Extension: (VTchromizer) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14]
CHR Extension: (Facebook Disconnect) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-13]
CHR Extension: („Pin it“-Button) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-03]
CHR Extension: (PDF Mergy) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02]
CHR Extension: (Subscriptions for YouTube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02]
CHR Extension: (Proxmate) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-10-21]
CHR Extension: (Dropbox) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-07-01]
CHR Extension: (Interstellar) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02]
CHR Extension: (Google Maps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Chrono Download Manager) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-09-30]
CHR Extension: (Ghostery) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Hover Zoom) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-28]
CHR Extension: (AdBlock Pro) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-10-08]
CHR Extension: (QVIVO) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02]
CHR Extension: (Meine IP-Adresse) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-22]
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-22]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-22]
CHR Extension: (Google Tabellen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-22]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-22]
CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\*****\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-10-15]
OPR Extension: (NoFlash) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03]
OPR Extension: (AdBlock for YouTube™) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03]
OPR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-09-08]
OPR Extension: (WOT) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03]
OPR Extension: (Cookie Jar) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03]
OPR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03]
OPR Extension: (NoScript Lite) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03]
OPR Extension: (Flash Player for YouTube™) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10]
OPR Extension: (History Eraser) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC)
R2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [241400 2015-10-12] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-22 20:42 - 2015-10-22 20:42 - 00016148 _____ C:\WINDOWS\system32\OPQIWUER_*****_HistoryPrediction.bin
2015-10-22 20:40 - 2015-10-22 20:42 - 00039826 _____ C:\Users\*****\Downloads\FRST.txt
2015-10-22 20:40 - 2015-10-22 20:40 - 00380416 _____ C:\Users\*****\Downloads\bzei1ksf.exe
2015-10-22 20:40 - 2015-10-22 20:40 - 00022357 _____ C:\Users\*****\Downloads\Addition.txt
2015-10-22 20:39 - 2015-10-22 20:42 - 00000000 ____D C:\FRST
2015-10-22 20:39 - 2015-10-22 20:39 - 02196480 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-10-22 20:39 - 2015-10-22 20:39 - 00000468 _____ C:\Users\*****\Downloads\defogger_disable.log
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _____ C:\Users\*****\defogger_reenable
2015-10-22 20:38 - 2015-10-22 20:38 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2015-10-22 15:35 - 2015-10-22 15:35 - 00002424 _____ C:\Users\*****\Desktop\***** Grünert - Chrome.lnk
2015-10-21 16:32 - 2015-10-21 16:32 - 00001093 _____ C:\Users\Public\Desktop\WISO Mein Geld 365 Belegschnellerfassung.lnk
2015-10-21 16:32 - 2015-10-21 16:32 - 00000955 _____ C:\Users\Public\Desktop\WISO Mein Geld 365 starten.lnk
2015-10-21 16:32 - 2015-10-21 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 365
2015-10-21 16:32 - 2015-10-21 16:32 - 00000000 ____D C:\Program Files (x86)\StickRoot
2015-10-21 16:17 - 2015-10-21 16:31 - 88173384 _____ (Buhl Data Service GmbH) C:\Users\*****\Downloads\WISOFinanz365 (1).exe
2015-10-21 16:16 - 2015-10-21 16:21 - 88173384 _____ (Buhl Data Service GmbH) C:\Users\*****\Downloads\WISOFinanz365.exe
2015-10-21 15:44 - 2015-10-21 15:44 - 00000408 _____ C:\MyUpdateLogs.log
2015-10-21 15:33 - 2015-10-21 15:33 - 00000000 ____D C:\Users\*****\Documents\Turbo Lister
2015-10-21 15:02 - 2015-10-21 15:38 - 00000000 ____D C:\Users\*****\Documents\Turbo Lister Backup
2015-10-20 12:49 - 2015-10-20 12:53 - 00000000 ____D C:\Users\*****\Documents\StarCraft II Beta
2015-10-20 12:35 - 2015-10-20 12:35 - 00000849 _____ C:\Users\Public\Desktop\StarCraft II - Legacy of the Void Beta.lnk
2015-10-20 12:35 - 2015-10-20 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II - Legacy of the Void Beta
2015-10-20 12:17 - 2015-10-20 12:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-10-20 12:17 - 2015-10-20 12:17 - 00000000 ____D C:\Users\*****\AppData\Local\Snip
2015-10-19 13:22 - 2015-10-19 13:22 - 00000240 _____ C:\WINDOWS\SysWOW64\defogger_enable.log
2015-10-18 09:16 - 2015-10-18 09:16 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-10-18 09:16 - 2015-10-18 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-10-17 18:20 - 2015-10-17 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-16 18:12 - 2015-10-16 18:12 - 00000000 ____D C:\Users\*****\AppData\Local\AMD
2015-10-16 16:33 - 2015-10-16 17:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 18:57 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-50IRB.tmp
2015-10-13 20:12 - 2015-10-13 20:12 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-13 19:59 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:59 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-13 19:59 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-13 19:59 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:59 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:59 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:59 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:59 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:59 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:59 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:59 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:59 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:59 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:59 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:59 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:59 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:59 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:59 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-13 19:59 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:59 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:59 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:59 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:59 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-13 19:59 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:59 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:59 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:59 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:59 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:59 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:59 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:59 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-13 19:59 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:59 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:59 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:59 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:59 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:59 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:59 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:59 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:59 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-13 19:59 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:59 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:59 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:59 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:59 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:59 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:59 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:59 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:59 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:59 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:59 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:59 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:59 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:59 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:59 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:59 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:59 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:59 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:59 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-11 12:06 - 2015-10-11 12:06 - 00001884 _____ C:\Users\*****\Desktop\blue-screen....txt
2015-10-11 11:48 - 2015-10-11 11:48 - 00281832 _____ C:\WINDOWS\Minidump\101115-11046-01.dmp
2015-10-09 20:11 - 2015-10-11 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-08 17:55 - 2015-10-18 09:13 - 00000000 ____D C:\Users\*****\Documents\W.I.R
2015-10-08 14:49 - 2015-10-20 23:47 - 00001202 _____ C:\Users\*****\Desktop\Sandboxed Web Browser.lnk
2015-10-08 14:49 - 2015-10-08 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-10-07 16:54 - 2015-10-07 16:54 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071654173760.log
2015-10-07 16:54 - 2015-10-07 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-07 16:53 - 2015-10-07 16:53 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-07 16:53 - 2015-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-07 16:52 - 2015-10-07 16:52 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071652594297.log
2015-10-07 16:51 - 2015-10-21 14:34 - 00000797 _____ C:\WINDOWS\setupact.log
2015-10-07 16:51 - 2015-10-07 16:51 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 08864928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-07 16:51 - 2015-10-07 16:51 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-07 16:51 - 2015-10-07 16:51 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-07 16:51 - 2015-10-07 16:51 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-07 16:51 - 2015-10-07 16:51 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-07 16:51 - 2015-10-07 16:51 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-07 16:51 - 2015-10-07 16:51 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-07 16:51 - 2015-10-07 16:51 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-07 16:51 - 2015-10-07 16:51 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-07 16:51 - 2015-10-07 16:51 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-07 16:51 - 2015-10-07 16:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-05 19:26 - 2015-10-05 19:26 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-04 11:23 - 2015-10-18 17:22 - 00003568 _____ C:\WINDOWS\PFRO.log
2015-09-30 21:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 21:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 21:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 21:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 21:56 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-09-30 21:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-09-30 21:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-09-30 21:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-09-30 21:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-09-30 21:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2015-09-30 21:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-09-30 21:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-09-30 21:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-09-30 21:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-09-30 21:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-09-30 21:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-09-30 21:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 
00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-09-30 21:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2015-09-30 21:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-09-30 21:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll 2015-09-30 21:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-09-30 21:56 - 2015-09-17 
07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-09-30 21:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-09-30 21:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-09-30 21:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-09-30 21:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-09-30 21:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MPSSVC.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-09-30 21:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2015-09-30 21:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll 2015-09-30 21:56 - 2015-09-17 
07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2015-09-30 21:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2015-09-30 21:56 
- 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2015-09-30 21:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-09-30 21:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2015-09-30 21:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00526336 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-09-30 21:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-09-30 21:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-09-30 21:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-09-30 21:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2015-09-30 21:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-09-30 21:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-09-30 21:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2015-09-30 21:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-09-30 21:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-09-30 21:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-09-30 21:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-09-30 21:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-09-30 21:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-09-30 21:55 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\provisioningcsp.dll 2015-09-30 21:55 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2015-09-30 21:55 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-09-30 21:55 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll 2015-09-30 21:55 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll 2015-09-30 21:55 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-22 20:42 - 2015-09-19 13:11 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-22 20:42 - 2015-08-30 11:34 - 00479134 _____ C:\Users\*****\AppData\Local\Snip.txt 2015-10-22 20:42 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\*****\Dropbox 2015-10-22 20:42 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-10-22 20:42 - 2015-06-13 15:45 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox 2015-10-22 20:42 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-22 20:42 - 2015-03-24 18:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-22 20:41 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***** 2015-10-22 20:41 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-22 20:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job 2015-10-22 20:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-22 20:25 - 2014-10-26 16:05 - 00004154 _____ 
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2} 2015-10-22 20:23 - 2015-09-14 13:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-22 19:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-10-22 19:53 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-22 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job 2015-10-22 18:37 - 2014-01-20 23:03 - 00000000 ____D C:\Users\*****\AppData\LocalLow\LastPass 2015-10-22 18:11 - 2015-05-23 17:16 - 00003412 _____ C:\WINDOWS\Sandboxie.ini 2015-10-22 15:35 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-10-22 13:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-22 00:34 - 2014-04-04 17:44 - 00000000 ____D C:\Users\*****\AppData\Local\Battle.net 2015-10-21 21:54 - 2015-07-30 19:11 - 00000000 ____D C:\Users\*****\Documents\WISO Mein Geld 2015-10-21 21:52 - 2015-09-18 18:37 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-21 19:11 - 2014-05-07 19:37 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2015-10-21 16:50 - 2014-11-06 16:41 - 00000325 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-10-21 16:50 - 2014-11-06 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\Buhl Data Service GmbH 2015-10-21 16:48 - 2015-08-30 11:34 - 00000000 ____D C:\Users\*****\Documents\My Snips 2015-10-21 16:32 - 2014-03-22 16:29 - 00000000 ____D C:\Users\*****\AppData\Roaming\Buhl Data Service GmbH 2015-10-21 16:32 - 2014-03-19 20:06 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH 2015-10-21 16:21 - 2014-10-17 21:33 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe 2015-10-21 14:35 - 2015-07-30 21:13 - 01899178 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-21 14:35 - 2015-07-10 18:34 - 00801936 _____ 
C:\WINDOWS\system32\perfh007.dat 2015-10-21 14:35 - 2015-07-10 18:34 - 00164536 _____ C:\WINDOWS\system32\perfc007.dat 2015-10-20 15:03 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-20 12:56 - 2014-01-20 22:56 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2015-10-20 12:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-10-20 12:17 - 2015-08-30 11:34 - 00000000 ____D C:\Users\*****\AppData\Local\Package Cache 2015-10-19 14:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-10-19 13:24 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2015-10-19 13:24 - 2015-03-27 21:20 - 00001504 _____ C:\DelFix.txt 2015-10-18 22:45 - 2015-09-17 19:58 - 00001276 _____ C:\Users\*****\Desktop\CoreTemp.ini 2015-10-18 17:22 - 2015-07-10 14:20 - 00454064 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-18 09:16 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2015-10-18 08:12 - 2015-07-31 23:06 - 00000146 _____ C:\Users\*****\Desktop\Sound - Verknüpfung.lnk 2015-10-17 23:55 - 2015-09-14 13:22 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-10-17 18:20 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-10-17 16:23 - 2015-07-30 19:10 - 00000000 ____D C:\Users\*****\Documents\StarCraft II 2015-10-17 15:23 - 2015-09-14 13:22 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-10-17 13:54 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-17 13:42 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-16 05:10 - 2015-07-10 13:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 05:10 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 18:59 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files 
(x86)\Skype 2015-10-15 18:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-15 18:58 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-10-15 18:57 - 2015-05-23 11:05 - 00000825 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-15 18:57 - 2015-03-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-13 20:13 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-13 20:11 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini 2015-10-13 20:10 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-13 20:06 - 2014-01-20 22:10 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-10-12 20:05 - 2014-01-20 21:44 - 00000000 ____D C:\WINDOWS\CSC 2015-10-12 19:10 - 2013-08-22 15:25 - 00002053 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_590 2015-10-11 11:48 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-08 14:49 - 2015-05-17 13:48 - 00000000 ____D C:\Program Files\Sandboxie 2015-10-07 16:53 - 2015-07-30 21:04 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-07 16:52 - 2012-07-26 09:25 - 00000000 ____D C:\AMD 2015-10-07 16:51 - 2015-07-16 02:12 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 12088008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 00143056 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-10-07 16:51 - 2015-07-16 02:06 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-10-07 16:51 - 2015-07-16 01:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-10-07 16:51 - 2015-07-16 01:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll 2015-10-05 09:50 - 2015-03-24 18:45 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-05 09:50 - 2015-03-24 18:45 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-10-04 17:18 - 2015-09-13 22:01 - 00000000 ____D C:\Users\*****\AppData\Roaming\MPC-HC 2015-10-04 17:14 - 2015-03-12 15:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\dvdcss 2015-10-04 14:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-10-04 11:23 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478 2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ 
(LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\*****\AppData\Roaming\burnaware.ini
2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\*****\AppData\Roaming\mainhst.zgh
2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2015-08-30 11:34 - 2015-10-22 20:42 - 0479134 _____ () C:\Users\*****\AppData\Local\Snip.txt
2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-06 16:41 - 2015-10-21 16:50 - 0000325 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\*****\fbchathistory.dat

Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbkg9ci.dll
C:\Users\*****\AppData\Local\Temp\unrar.dll

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-13 18:53

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
durchgeführt von ***** (2015-10-22 20:40:47)
Gestartet von C:\Users\*****\Downloads
Windows 10 Pro (X64) (2015-07-30 19:13:22)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1888364831-2858631773-2981139133-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1888364831-2858631773-2981139133-503 - Limited - Disabled)
Gast (S-1-5-21-1888364831-2858631773-2981139133-501 - Limited - Disabled)
***** (S-1-5-21-1888364831-2858631773-2981139133-1001 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1301.0055.0535.4025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1301.0055.0535.4025 - Turbine, Inc.)
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Alcor Micro Generic Hub Filter Driver (HKLM-x32\...\AmUHubftr) (Version: 2.0.11.0 - Alcor Micro Corp.)
Alcor Micro Generic Hub Filter Driver (x32 Version: 2.0.11.0 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (x32 Version: 20.26.3317.04170 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version: - Double Action Factory)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden DxO Optics Pro 7 (HKLM\...\{64579E10-6249-4BB1-B1D1-8EF55042DB45}) (Version: 7.5.5 - DxO Labs) Elite Dangerous Launcher version 0.4.2854.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.2854.0 - Frontier Developments) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) FileZilla Client 3.13.1 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse) Free MP4 Video Converter version 5.0.63.913 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.63.913 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard) HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (HKLM\...\{1686185A-3D85-428D-8786-ACB403B9D420}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Photosmart Plus B210 series Hilfe (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass) LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation) LOTRO Plugin Compendium (HKLM-x32\...\{3BF7818D-2482-4676-A237-915A11A97847}) (Version: 1.0.3 - Lunarwater) Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) 
(Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.1 - Tracker Software Products Ltd) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) 
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.336 - Qualcomm Atheros Communications) Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.35.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.37.1119.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Sandboxie 5.04 (64-bit) (HKLM\...\Sandboxie) (Version: 5.04 - Sandboxie Holdings, LLC) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Ski Challenge 15 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\sc15-GAMETWIST_MAIN) (Version: - ) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) 
Snip (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation) Snip (x32 Version: 0.1.5119.0 - Microsoft) Hidden SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version: - Blizzard Entertainment) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{3590B83E-FCEB-43E2-9F3D-2917825547D0}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH) Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) 
Unchecky v0.4 (HKLM-x32\...\Unchecky) (Version: 0.4 - RaMMicHaeL) Unity Web Player (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WEB.DE Club SmartFax (HKLM-x32\...\WEB.DE Club SmartFax) (Version: 2.00.235 - 1&1 Mail & Media GmbH) WEB.DE Online-Speicher 1.11.4174.0 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\WEB.DE Application {sync-000021}) (Version: 1.11.4174.0 - 1&1 Mail & Media GmbH) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH) WISO Mein Geld 365 Professional (x32 Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) 
==================== Wiederherstellungspunkte ========================= 19-10-2015 13:24:14 Ende der Bereinigung ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-10-19 13:09 - 00002053 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz Da befinden sich 10 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {011B42D3-DFDF-4C79-BC17-EF6717F44986} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {13896B67-0FCD-42C2-A928-DC02BAFFFCAD} - System32\Tasks\{6644215F-D573-4448-B8E2-12B972183707} => pcalua.exe -a "C:\Program Files (x86)\pandasecuritytb\uninstall.exe" Task: {187B46F7-A8B8-4F63-94EF-393FD2B00E9E} - System32\Tasks\{70F927D6-EBE1-457D-A298-444941E8E902} => pcalua.exe -a "C:\Users\*****\Desktop\Galaxy S3 - Mini\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\*****\Desktop\Galaxy S3 - Mini" Task: {19123DE3-4CE2-47EB-951C-000B9086A899} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {1D2E8BE4-15AF-45C9-B1BB-8AE269980BD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {20CEB925-62C3-4BE2-AC72-232D8EEEC4C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.) Task: {262C2D0D-990C-4A39-8A1A-7FCECDA34A8D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {2ECDE3D1-17B5-4C78-83A3-961EBC1858CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [2015-10-17] (Adobe Systems Incorporated) Task: {2F19BF84-ECD9-489B-B717-18E7D00AD177} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL e:\e67415113b809610ca462725cd5d34\ipoint\Setup64\Files\1031\Deu.rtf Task: {30F520F0-ECDE-4773-8DF4-791D3E820289} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {3AF644C2-3E4D-4A96-8523-77213AB94E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {53F8794E-726C-4A97-9BB8-347ECDC5CB94} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {5A73AB7F-ABDA-4DEA-ACE4-066E9E744A0C} - System32\Tasks\{A8A0A7FB-B363-4CBD-91B8-947FA6EA8EAA} => pcalua.exe -a C:\Users\*****\Downloads\k30v106.EXE -d C:\Users\*****\Downloads Task: {5B46D580-7A03-4856-88F2-8E578DABC387} - System32\Tasks\Opera scheduled Autoupdate 1438604478 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software) Task: {7D3F2A3A-91AF-4E5C-8D4A-956ECC22B4BC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation) Task: {9ABF69B7-6E21-4FBE-A448-CFD73E6FC963} - System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0} => pcalua.exe -a E:\TYPO3_4.7.7\typo3start.exe -d e:\TYPO3_4.7.7 Task: {AADE5BB0-9229-466A-87CF-F451459353E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.) Task: {DEB7CFFF-C665-4D19-A9F9-16AFEB868E86} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation) Task: {E18984A1-5A1E-490A-A44F-ABD5DCC69332} - System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD} => pcalua.exe -a E:\typo3-winstall-6.0.0rc2\typo3start.exe -d E:\typo3-winstall-6.0.0rc2 Task: {E50A83C6-22D9-46C6-8EDE-F7B65D25B88E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated) Task: {E52C04F3-0641-4907-8F29-A02D3A7352F6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) 
Task: {F6FDE532-F25A-40C7-AAAF-B33AF91282B9} - System32\Tasks\{2B43B2A3-A783-4ECE-BEF2-BEE44272E399} => pcalua.exe -a "C:\Users\*****\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\*****\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)" Task: {FE45DD55-A6EC-4F57-9056-FF15EECC96A7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Mban von heute: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 22.10.2015
Suchlaufzeit: 15:53
Protokolldatei: mbam.von.heute.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.22.03
Rootkit-Datenbank: v2015.10.16.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: *****

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 438138
Abgelaufene Zeit: 4 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Deaktiviert
Rootkits: Deaktiviert
Heuristik: Deaktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)

Regards, verrant

Requesting support. Best regards, verrant
23.10.2015, 06:56 | #2 |
/// the machine /// TB trainer | Misclick at ww1.virus-total. de ee
hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
23.10.2015, 11:21 | #3 |
| Misclick at ww1.virus-total. de ee
Hi schrauber.
Nothing found either time: Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2015.10.23.02 rootkit: v2015.10.16.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Kay :: ***** [administrator]

23.10.2015 11:19:03
mbar-log-2015-10-23 (11-19-03).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 454186
Time elapsed: 9 minute(s), 14 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)

Code:
0x01b0 Intel(R) Capability Licensing Service TCP IP Interface - ok 12:02:05.0195 0x01b0 intelide - ok 12:02:05.0195 0x01b0 intelpep - ok 12:02:05.0210 0x01b0 intelppm - ok 12:02:05.0210 0x01b0 IoQos - ok 12:02:05.0210 0x01b0 IpFilterDriver - ok 12:02:05.0210 0x01b0 iphlpsvc - ok 12:02:05.0210 0x01b0 IPMIDRV - ok 12:02:05.0210 0x01b0 IPNAT - ok 12:02:05.0210 0x01b0 IRENUM - ok 12:02:05.0210 0x01b0 isapnp - ok 12:02:05.0226 0x01b0 iScsiPrt - ok 12:02:05.0226 0x01b0 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 12:02:05.0226 0x01b0 jhi_service - ok 12:02:05.0226 0x01b0 kbdclass - ok 12:02:05.0226 0x01b0 kbdhid - ok 12:02:05.0241 0x01b0 kdnic - ok 12:02:05.0241 0x01b0 KeyIso - ok 12:02:05.0241 0x01b0 KSecDD - ok 12:02:05.0241 0x01b0 KSecPkg - ok 12:02:05.0241 0x01b0 ksthunk - ok 12:02:05.0241 0x01b0 KtmRm - ok 12:02:05.0257 0x01b0 LanmanServer - ok 12:02:05.0257 0x01b0 LanmanWorkstation - ok 12:02:05.0257 0x01b0 [ CB832B008ABB822FD5ECDF03BA46C66E, 9512D5F5FDE1B05B0F2487FFE0E32C9091FD3D829AB8518FCAD660BD03779BB0 ] LcUvcUpper C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys 12:02:05.0257 0x01b0 LcUvcUpper - ok 12:02:05.0257 0x01b0 lfsvc - ok 12:02:05.0257 0x01b0 LicenseManager - ok 12:02:05.0257 0x01b0 lltdio - ok 12:02:05.0273 0x01b0 lltdsvc - ok 12:02:05.0273 0x01b0 lmhosts - ok 12:02:05.0273 0x01b0 LSI_SAS - ok 12:02:05.0273 0x01b0 LSI_SAS2i - ok 12:02:05.0273 0x01b0 LSI_SAS3i - ok 12:02:05.0273 0x01b0 LSI_SSS - ok 12:02:05.0288 0x01b0 LSM - ok 12:02:05.0288 0x01b0 luafv - ok 12:02:05.0288 0x01b0 MapsBroker - ok 12:02:05.0304 0x01b0 [ B2E0C6FD6CA1B5EBC4E8DB8C674A661B, B0B7E41CB28482307CF4A3DD1909D277C661A73AA03E552DB6AAA71F017C9E19 ] MbaeSvc C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe 12:02:05.0304 0x01b0 MbaeSvc - ok 12:02:05.0320 0x01b0 [ E681CE4AE5C09651D53CB4387CA3560E, 
F8503DB901FE65191AE0229BA44F0BB417626224DEC0743BFC771914D4EEDFDD ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 12:02:05.0320 0x01b0 mbamchameleon - ok 12:02:05.0320 0x01b0 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 12:02:05.0320 0x01b0 MBAMProtector - ok 12:02:05.0438 0x01b0 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 12:02:05.0532 0x01b0 MBAMScheduler - ok 12:02:05.0595 0x01b0 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 12:02:05.0641 0x01b0 MBAMService - ok 12:02:05.0641 0x01b0 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 12:02:05.0641 0x01b0 MBAMSwissArmy - ok 12:02:05.0657 0x01b0 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 12:02:05.0657 0x01b0 MBAMWebAccessControl - ok 12:02:05.0657 0x01b0 megasas - ok 12:02:05.0657 0x01b0 megasr - ok 12:02:05.0657 0x01b0 [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 12:02:05.0688 0x01b0 MEIx64 - ok 12:02:05.0688 0x01b0 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2 C:\WINDOWS\system32\15E3.tmp 12:02:05.0688 0x01b0 MEMSWEEP2 - ok 12:02:05.0704 0x01b0 Microsoft SharePoint Workspace Audit Service - ok 12:02:05.0704 0x01b0 mlx4_bus - ok 12:02:05.0704 0x01b0 MMCSS - ok 12:02:05.0704 0x01b0 Modem - ok 12:02:05.0704 0x01b0 monitor - 
ok 12:02:05.0704 0x01b0 mouclass - ok 12:02:05.0720 0x01b0 mouhid - ok 12:02:05.0720 0x01b0 mountmgr - ok 12:02:05.0720 0x01b0 [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:02:05.0720 0x01b0 MozillaMaintenance - ok 12:02:05.0720 0x01b0 mpsdrv - ok 12:02:05.0735 0x01b0 MpsSvc - ok 12:02:05.0735 0x01b0 MRxDAV - ok 12:02:05.0735 0x01b0 mrxsmb - ok 12:02:05.0735 0x01b0 mrxsmb10 - ok 12:02:05.0735 0x01b0 mrxsmb20 - ok 12:02:05.0751 0x01b0 MsBridge - ok 12:02:05.0751 0x01b0 MSDTC - ok 12:02:05.0751 0x01b0 Msfs - ok 12:02:05.0751 0x01b0 msgpiowin32 - ok 12:02:05.0751 0x01b0 mshidkmdf - ok 12:02:05.0751 0x01b0 mshidumdf - ok 12:02:05.0751 0x01b0 msisadrv - ok 12:02:05.0766 0x01b0 MSiSCSI - ok 12:02:05.0766 0x01b0 msiserver - ok 12:02:05.0766 0x01b0 MSKSSRV - ok 12:02:05.0766 0x01b0 MsLldp - ok 12:02:05.0766 0x01b0 MSPCLOCK - ok 12:02:05.0766 0x01b0 MSPQM - ok 12:02:05.0766 0x01b0 MsRPC - ok 12:02:05.0782 0x01b0 mssmbios - ok 12:02:05.0782 0x01b0 MSTEE - ok 12:02:05.0782 0x01b0 MTConfig - ok 12:02:05.0782 0x01b0 Mup - ok 12:02:05.0782 0x01b0 mvumis - ok 12:02:05.0798 0x01b0 NativeWifiP - ok 12:02:05.0798 0x01b0 NcaSvc - ok 12:02:05.0798 0x01b0 NcbService - ok 12:02:05.0798 0x01b0 NcdAutoSetup - ok 12:02:05.0798 0x01b0 ndfltr - ok 12:02:05.0798 0x01b0 NDIS - ok 12:02:05.0798 0x01b0 NdisCap - ok 12:02:05.0813 0x01b0 NdisImPlatform - ok 12:02:05.0813 0x01b0 NdisTapi - ok 12:02:05.0813 0x01b0 Ndisuio - ok 12:02:05.0813 0x01b0 NdisVirtualBus - ok 12:02:05.0813 0x01b0 NdisWan - ok 12:02:05.0813 0x01b0 ndiswanlegacy - ok 12:02:05.0813 0x01b0 ndproxy - ok 12:02:05.0829 0x01b0 Ndu - ok 12:02:05.0829 0x01b0 NetBIOS - ok 12:02:05.0829 0x01b0 NetBT - ok 12:02:05.0829 0x01b0 Netlogon - ok 12:02:05.0829 0x01b0 Netman - ok 12:02:05.0829 0x01b0 netprofm - ok 12:02:05.0829 0x01b0 netr28ux - ok 12:02:05.0845 0x01b0 NetSetupSvc - ok 
12:02:05.0845 0x01b0 NetTcpActivator - ok 12:02:05.0845 0x01b0 NetTcpPortSharing - ok 12:02:05.0845 0x01b0 netvsc - ok 12:02:05.0845 0x01b0 NgcCtnrSvc - ok 12:02:05.0860 0x01b0 NgcSvc - ok 12:02:05.0860 0x01b0 NlaSvc - ok 12:02:05.0860 0x01b0 Npfs - ok 12:02:05.0860 0x01b0 npsvctrig - ok 12:02:05.0860 0x01b0 nsi - ok 12:02:05.0860 0x01b0 nsiproxy - ok 12:02:05.0876 0x01b0 NTFS - ok 12:02:05.0876 0x01b0 Null - ok 12:02:05.0876 0x01b0 nvraid - ok 12:02:05.0876 0x01b0 nvstor - ok 12:02:05.0876 0x01b0 nv_agp - ok 12:02:05.0876 0x01b0 OneSyncSvc - ok 12:02:05.0891 0x01b0 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:02:05.0891 0x01b0 ose - ok 12:02:05.0970 0x01b0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:02:06.0048 0x01b0 osppsvc - ok 12:02:06.0063 0x01b0 p2pimsvc - ok 12:02:06.0063 0x01b0 p2psvc - ok 12:02:06.0063 0x01b0 Parport - ok 12:02:06.0063 0x01b0 partmgr - ok 12:02:06.0063 0x01b0 PcaSvc - ok 12:02:06.0063 0x01b0 pci - ok 12:02:06.0063 0x01b0 pciide - ok 12:02:06.0079 0x01b0 pcmcia - ok 12:02:06.0079 0x01b0 pcw - ok 12:02:06.0079 0x01b0 pdc - ok 12:02:06.0079 0x01b0 PEAUTH - ok 12:02:06.0079 0x01b0 PeerDistSvc - ok 12:02:06.0079 0x01b0 percsas2i - ok 12:02:06.0079 0x01b0 percsas3i - ok 12:02:06.0110 0x01b0 PerfHost - ok 12:02:06.0126 0x01b0 PimIndexMaintenanceSvc - ok 12:02:06.0126 0x01b0 pla - ok 12:02:06.0126 0x01b0 PlugPlay - ok 12:02:06.0126 0x01b0 PNRPAutoReg - ok 12:02:06.0141 0x01b0 PNRPsvc - ok 12:02:06.0141 0x01b0 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\WINDOWS\System32\drivers\point64.sys 12:02:06.0141 0x01b0 Point64 - ok 12:02:06.0141 0x01b0 PolicyAgent - ok 12:02:06.0141 0x01b0 
Power - ok 12:02:06.0141 0x01b0 PptpMiniport - ok 12:02:06.0204 0x01b0 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 12:02:06.0266 0x01b0 PrintNotify - ok 12:02:06.0282 0x01b0 Processor - ok 12:02:06.0282 0x01b0 ProfSvc - ok 12:02:06.0282 0x01b0 Psched - ok 12:02:06.0282 0x01b0 QWAVE - ok 12:02:06.0282 0x01b0 QWAVEdrv - ok 12:02:06.0298 0x01b0 [ 8C505C4CF714DCB7158FCFCACF7416AC, C6FCF9192EE1402FC19882433F8E98075FD1D589F7D9D5FAB47EA39CD4C3E289 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe 12:02:06.0345 0x01b0 RalinkRegistryWriter - ok 12:02:06.0345 0x01b0 [ 16C12C49A599873C191DCD50D02DB7CB, 3CA61E39301787FCE6EB3F7B1F8A784A59FC551DD75AD9F0C5779174AFCDD768 ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe 12:02:06.0391 0x01b0 RalinkRegistryWriter64 - ok 12:02:06.0423 0x01b0 [ 2977F7750EA2BECB3E623814D2C18800, A2FAE078FC18481C59D7D3B465D4E53756D85C1C49F6471D3840EEF49814EA19 ] RaMediaServer C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe 12:02:06.0829 0x01b0 RaMediaServer - ok 12:02:06.0829 0x01b0 RasAcd - ok 12:02:06.0829 0x01b0 RasAgileVpn - ok 12:02:06.0829 0x01b0 RasAuto - ok 12:02:06.0829 0x01b0 Rasl2tp - ok 12:02:06.0829 0x01b0 RasMan - ok 12:02:06.0845 0x01b0 RasPppoe - ok 12:02:06.0845 0x01b0 RasSstp - ok 12:02:06.0845 0x01b0 rdbss - ok 12:02:06.0845 0x01b0 rdpbus - ok 12:02:06.0845 0x01b0 RDPDR - ok 12:02:06.0860 0x01b0 RdpVideoMiniport - ok 12:02:06.0860 0x01b0 rdyboost - ok 12:02:06.0860 0x01b0 ReFSv1 - ok 12:02:06.0860 0x01b0 RemoteAccess - ok 12:02:06.0860 0x01b0 RemoteRegistry - ok 12:02:06.0860 0x01b0 RetailDemo - ok 12:02:06.0876 0x01b0 RFCOMM - ok 12:02:06.0876 0x01b0 RpcEptMapper - ok 12:02:06.0876 0x01b0 RpcLocator - ok 12:02:06.0876 0x01b0 RpcSs - ok 12:02:06.0876 0x01b0 rspndr - ok 12:02:06.0876 0x01b0 rt640x64 - ok 12:02:06.0891 0x01b0 [ 
333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187 C:\WINDOWS\system32\DRIVERS\rtl8187.sys 12:02:06.0907 0x01b0 RTL8187 - ok 12:02:06.0923 0x01b0 s3cap - ok 12:02:06.0923 0x01b0 SamSs - ok 12:02:06.0923 0x01b0 [ 5A4DE7A65657965208296635F2C01E94, 8028303C7098B2C42DF6172DB39070AD4BF69B16E19EBC85B9AD6865C732C322 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 12:02:06.0938 0x01b0 SbieDrv - ok 12:02:06.0938 0x01b0 [ 75AE2224F4427B737C1DEF1A4F2DFDA8, 71C4B60B0C1AC4A5684C6718A65C4275ECEE300C99085E4490934DDB0DC3784E ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 12:02:06.0954 0x01b0 SbieSvc - ok 12:02:06.0954 0x01b0 sbp2port - ok 12:02:06.0970 0x01b0 SCardSvr - ok 12:02:06.0970 0x01b0 ScDeviceEnum - ok 12:02:06.0970 0x01b0 scfilter - ok 12:02:06.0970 0x01b0 Schedule - ok 12:02:06.0970 0x01b0 SCPolicySvc - ok 12:02:06.0970 0x01b0 sdbus - ok 12:02:06.0985 0x01b0 SDRSVC - ok 12:02:06.0985 0x01b0 sdstor - ok 12:02:06.0985 0x01b0 seclogon - ok 12:02:06.0985 0x01b0 SENS - ok 12:02:06.0985 0x01b0 SensorDataService - ok 12:02:06.0985 0x01b0 SensorService - ok 12:02:07.0001 0x01b0 SensrSvc - ok 12:02:07.0001 0x01b0 SerCx - ok 12:02:07.0001 0x01b0 SerCx2 - ok 12:02:07.0001 0x01b0 Serenum - ok 12:02:07.0001 0x01b0 Serial - ok 12:02:07.0001 0x01b0 sermouse - ok 12:02:07.0016 0x01b0 SessionEnv - ok 12:02:07.0016 0x01b0 sfloppy - ok 12:02:07.0016 0x01b0 SharedAccess - ok 12:02:07.0016 0x01b0 ShellHWDetection - ok 12:02:07.0016 0x01b0 simptcp - ok 12:02:07.0032 0x01b0 SiSRaid2 - ok 12:02:07.0032 0x01b0 SiSRaid4 - ok 12:02:07.0032 0x01b0 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 12:02:07.0032 0x01b0 SkypeUpdate - ok 12:02:07.0048 0x01b0 smphost - ok 12:02:07.0048 0x01b0 SmsRouter - ok 12:02:07.0048 0x01b0 SNMPTRAP - ok 12:02:07.0048 0x01b0 spaceport - ok 12:02:07.0063 0x01b0 SpbCx - ok 12:02:07.0079 0x01b0 [ 
0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\WINDOWS\SysWOW64\speedfan.sys 12:02:07.0220 0x01b0 speedfan - ok 12:02:07.0235 0x01b0 Spooler - ok 12:02:07.0235 0x01b0 sppsvc - ok 12:02:07.0235 0x01b0 srv - ok 12:02:07.0235 0x01b0 srv2 - ok 12:02:07.0235 0x01b0 srvnet - ok 12:02:07.0251 0x01b0 SSDPSRV - ok 12:02:07.0251 0x01b0 SstpSvc - ok 12:02:07.0251 0x01b0 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 12:02:07.0266 0x01b0 ssudmdm - ok 12:02:07.0376 0x01b0 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe 12:02:07.0423 0x01b0 ss_conn_service - ok 12:02:07.0423 0x01b0 StateRepository - ok 12:02:07.0438 0x01b0 [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 12:02:07.0454 0x01b0 Steam Client Service - ok 12:02:07.0454 0x01b0 stexstor - ok 12:02:07.0454 0x01b0 [ 7C4D2F167FA6153B4FE7145FE6D3DF15, F39ED9CDF323DDC57D0F64F9CC121E911EA53819A3A941A2F6EA557C35FCB372 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 12:02:07.0470 0x01b0 StillCam - ok 12:02:07.0470 0x01b0 stisvc - ok 12:02:07.0470 0x01b0 storahci - ok 12:02:07.0470 0x01b0 storflt - ok 12:02:07.0485 0x01b0 stornvme - ok 12:02:07.0485 0x01b0 storqosflt - ok 12:02:07.0485 0x01b0 StorSvc - ok 12:02:07.0485 0x01b0 storufs - ok 12:02:07.0485 0x01b0 storvsc - ok 12:02:07.0485 0x01b0 svsvc - ok 12:02:07.0516 0x01b0 swenum - ok 12:02:07.0516 0x01b0 swprv - ok 12:02:07.0516 0x01b0 Synth3dVsc - ok 12:02:07.0516 0x01b0 SysMain - ok 12:02:07.0516 0x01b0 SystemEventsBroker - ok 12:02:07.0516 0x01b0 TabletInputService - ok 12:02:07.0532 0x01b0 TapiSrv - ok 12:02:07.0532 0x01b0 Tcpip - 
ok 12:02:07.0532 0x01b0 Tcpip6 - ok 12:02:07.0532 0x01b0 tcpipreg - ok 12:02:07.0532 0x01b0 tdx - ok 12:02:07.0548 0x01b0 terminpt - ok 12:02:07.0548 0x01b0 TermService - ok 12:02:07.0548 0x01b0 Themes - ok 12:02:07.0548 0x01b0 tiledatamodelsvc - ok 12:02:07.0548 0x01b0 TimeBroker - ok 12:02:07.0563 0x01b0 TPM - ok 12:02:07.0563 0x01b0 TrkWks - ok 12:02:07.0563 0x01b0 TrustedInstaller - ok 12:02:07.0563 0x01b0 TsUsbFlt - ok 12:02:07.0563 0x01b0 TsUsbGD - ok 12:02:07.0563 0x01b0 tunnel - ok 12:02:07.0579 0x01b0 uagp35 - ok 12:02:07.0579 0x01b0 UASPStor - ok 12:02:07.0579 0x01b0 UcmCx0101 - ok 12:02:07.0579 0x01b0 UcmUcsi - ok 12:02:07.0579 0x01b0 Ucx01000 - ok 12:02:07.0579 0x01b0 UdeCx - ok 12:02:07.0595 0x01b0 udfs - ok 12:02:07.0595 0x01b0 UEFI - ok 12:02:07.0595 0x01b0 Ufx01000 - ok 12:02:07.0595 0x01b0 UfxChipidea - ok 12:02:07.0595 0x01b0 ufxsynopsys - ok 12:02:07.0610 0x01b0 UI0Detect - ok 12:02:07.0610 0x01b0 [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\WINDOWS\System32\drivers\UimBus.sys 12:02:07.0626 0x01b0 UimBus - ok 12:02:07.0626 0x01b0 [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\WINDOWS\System32\drivers\uim_devim.sys 12:02:07.0641 0x01b0 Uim_DEVIM - ok 12:02:07.0657 0x01b0 [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\WINDOWS\System32\drivers\uim_im.sys 12:02:07.0673 0x01b0 Uim_IM - ok 12:02:07.0673 0x01b0 uliagpkx - ok 12:02:07.0673 0x01b0 umbus - ok 12:02:07.0688 0x01b0 UmPass - ok 12:02:07.0688 0x01b0 UmRdpService - ok 12:02:07.0688 0x01b0 [ 20E2D894031B5769482148A4166B29A0, 338CEF86430998AE3E6A8FF0A3B13374A9A240F2E39AEDEC5BA549DAF8550F7B ] Unchecky C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe 12:02:07.0720 0x01b0 Unchecky - ok 12:02:07.0720 0x01b0 UnistoreSvc - ok 12:02:07.0720 0x01b0 upnphost - ok 12:02:07.0735 0x01b0 UrsChipidea - ok 
12:02:07.0735 0x01b0 UrsCx01000 - ok 12:02:07.0735 0x01b0 UrsSynopsys - ok 12:02:07.0735 0x01b0 usbaudio - ok 12:02:07.0735 0x01b0 usbccgp - ok 12:02:07.0735 0x01b0 usbcir - ok 12:02:07.0751 0x01b0 usbehci - ok 12:02:07.0751 0x01b0 usbhub - ok 12:02:07.0751 0x01b0 USBHUB3 - ok 12:02:07.0751 0x01b0 usbohci - ok 12:02:07.0751 0x01b0 usbprint - ok 12:02:07.0751 0x01b0 usbser - ok 12:02:07.0766 0x01b0 USBSTOR - ok 12:02:07.0766 0x01b0 usbuhci - ok 12:02:07.0766 0x01b0 usbvideo - ok 12:02:07.0766 0x01b0 USBXHCI - ok 12:02:07.0766 0x01b0 UserDataSvc - ok 12:02:07.0782 0x01b0 UserManager - ok 12:02:07.0782 0x01b0 UsoSvc - ok 12:02:07.0782 0x01b0 VaultSvc - ok 12:02:07.0782 0x01b0 vdrvroot - ok 12:02:07.0782 0x01b0 vds - ok 12:02:07.0782 0x01b0 VerifierExt - ok 12:02:07.0798 0x01b0 vhdmp - ok 12:02:07.0798 0x01b0 vhf - ok 12:02:07.0798 0x01b0 vmbus - ok 12:02:07.0798 0x01b0 VMBusHID - ok 12:02:07.0798 0x01b0 vmicguestinterface - ok 12:02:07.0798 0x01b0 vmicheartbeat - ok 12:02:07.0813 0x01b0 vmickvpexchange - ok 12:02:07.0813 0x01b0 vmicrdv - ok 12:02:07.0813 0x01b0 vmicshutdown - ok 12:02:07.0813 0x01b0 vmictimesync - ok 12:02:07.0813 0x01b0 vmicvmsession - ok 12:02:07.0813 0x01b0 vmicvss - ok 12:02:07.0829 0x01b0 volmgr - ok 12:02:07.0829 0x01b0 volmgrx - ok 12:02:07.0829 0x01b0 volsnap - ok 12:02:07.0829 0x01b0 vpci - ok 12:02:07.0829 0x01b0 vsmraid - ok 12:02:07.0829 0x01b0 VSS - ok 12:02:07.0845 0x01b0 VSTXRAID - ok 12:02:07.0845 0x01b0 vwifibus - ok 12:02:07.0845 0x01b0 vwififlt - ok 12:02:07.0845 0x01b0 vwifimp - ok 12:02:07.0845 0x01b0 W32Time - ok 12:02:07.0845 0x01b0 w3logsvc - ok 12:02:07.0860 0x01b0 W3SVC - ok 12:02:07.0860 0x01b0 WacomPen - ok 12:02:07.0860 0x01b0 WalletService - ok 12:02:07.0860 0x01b0 wanarp - ok 12:02:07.0860 0x01b0 wanarpv6 - ok 12:02:07.0860 0x01b0 WAS - ok 12:02:07.0876 0x01b0 wbengine - ok 12:02:07.0876 0x01b0 WbioSrvc - ok 12:02:07.0876 0x01b0 Wcmsvc - ok 12:02:07.0876 0x01b0 wcncsvc - ok 12:02:07.0876 0x01b0 WcsPlugInService - ok 
12:02:07.0891 0x01b0 WdBoot - ok 12:02:07.0891 0x01b0 Wdf01000 - ok 12:02:07.0891 0x01b0 WdFilter - ok 12:02:07.0891 0x01b0 WdiServiceHost - ok 12:02:07.0891 0x01b0 WdiSystemHost - ok 12:02:07.0891 0x01b0 wdiwifi - ok 12:02:07.0907 0x01b0 WdNisDrv - ok 12:02:07.0907 0x01b0 WdNisSvc - ok 12:02:07.0907 0x01b0 WebClient - ok 12:02:07.0907 0x01b0 Wecsvc - ok 12:02:07.0907 0x01b0 WEPHOSTSVC - ok 12:02:07.0907 0x01b0 wercplsupport - ok 12:02:07.0923 0x01b0 WerSvc - ok 12:02:07.0923 0x01b0 wfpcapture - ok 12:02:07.0923 0x01b0 WFPLWFS - ok 12:02:07.0923 0x01b0 WiaRpc - ok 12:02:07.0923 0x01b0 WIMMount - ok 12:02:07.0923 0x01b0 WinDefend - ok 12:02:07.0938 0x01b0 WindowsTrustedRT - ok 12:02:07.0938 0x01b0 WindowsTrustedRTProxy - ok 12:02:07.0938 0x01b0 WinHttpAutoProxySvc - ok 12:02:07.0938 0x01b0 WinMad - ok 12:02:07.0954 0x01b0 Winmgmt - ok 12:02:07.0954 0x01b0 WinRM - ok 12:02:07.0954 0x01b0 WINUSB - ok 12:02:07.0954 0x01b0 WinVerbs - ok 12:02:07.0970 0x01b0 WlanSvc - ok 12:02:07.0970 0x01b0 wlidsvc - ok 12:02:07.0970 0x01b0 WmiAcpi - ok 12:02:07.0970 0x01b0 wmiApSrv - ok 12:02:07.0970 0x01b0 WMPNetworkSvc - ok 12:02:07.0985 0x01b0 Wof - ok 12:02:07.0985 0x01b0 workfolderssvc - ok 12:02:07.0985 0x01b0 wpcfltr - ok 12:02:07.0985 0x01b0 WPDBusEnum - ok 12:02:07.0985 0x01b0 WpdUpFltr - ok 12:02:08.0001 0x01b0 WpnService - ok 12:02:08.0001 0x01b0 ws2ifsl - ok 12:02:08.0001 0x01b0 wscsvc - ok 12:02:08.0001 0x01b0 WSDPrintDevice - ok 12:02:08.0001 0x01b0 WSDScan - ok 12:02:08.0016 0x01b0 WSearch - ok 12:02:08.0016 0x01b0 WSService - ok 12:02:08.0016 0x01b0 wuauserv - ok 12:02:08.0016 0x01b0 WudfPf - ok 12:02:08.0016 0x01b0 WUDFRd - ok 12:02:08.0032 0x01b0 wudfsvc - ok 12:02:08.0032 0x01b0 WUDFWpdFs - ok 12:02:08.0032 0x01b0 WwanSvc - ok 12:02:08.0032 0x01b0 XblAuthManager - ok 12:02:08.0032 0x01b0 XblGameSave - ok 12:02:08.0032 0x01b0 xboxgip - ok 12:02:08.0048 0x01b0 XboxNetApiSvc - ok 12:02:08.0048 0x01b0 xinputhid - ok 12:02:08.0048 0x01b0 ================ Scan global 
=============================== 12:02:08.0048 0x01b0 [ Global ] - ok 12:02:08.0048 0x01b0 ================ Scan MBR ================================== 12:02:08.0063 0x01b0 [ 711D71876975FCBDDCB75DD5E4FA122A ] \Device\Harddisk0\DR0 12:02:08.0063 0x01b0 \Device\Harddisk0\DR0 - ok 12:02:08.0063 0x01b0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 12:02:08.0079 0x01b0 \Device\Harddisk1\DR1 - ok 12:02:08.0095 0x01b0 [ 012E24D18995E9D5E9DFD102C7896BB5 ] \Device\Harddisk2\DR2 12:02:08.0110 0x01b0 \Device\Harddisk2\DR2 - ok 12:02:08.0110 0x01b0 ================ Scan VBR ================================== 12:02:08.0110 0x01b0 [ 7F96C0687E7168D6B74228D7C193EB7C ] \Device\Harddisk0\DR0\Partition1 12:02:08.0110 0x01b0 \Device\Harddisk0\DR0\Partition1 - ok 12:02:08.0110 0x01b0 [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2 12:02:08.0110 0x01b0 \Device\Harddisk0\DR0\Partition2 - ok 12:02:08.0126 0x01b0 [ 3054637CF289AA088D391010A15F4875 ] \Device\Harddisk0\DR0\Partition3 12:02:08.0126 0x01b0 \Device\Harddisk0\DR0\Partition3 - ok 12:02:08.0126 0x01b0 [ F33D633F4B00B50DFE4C7490075F29AD ] \Device\Harddisk0\DR0\Partition4 12:02:08.0126 0x01b0 \Device\Harddisk0\DR0\Partition4 - ok 12:02:08.0126 0x01b0 [ EE77BC8971B6DE0AED5F6AA5AA5FEC81 ] \Device\Harddisk0\DR0\Partition5 12:02:08.0126 0x01b0 \Device\Harddisk0\DR0\Partition5 - ok 12:02:08.0126 0x01b0 [ 2692A46ED4D92F896948BFB6F6D63EC4 ] \Device\Harddisk0\DR0\Partition6 12:02:08.0126 0x01b0 \Device\Harddisk0\DR0\Partition6 - ok 12:02:08.0126 0x01b0 [ A208D8179B548F64013B5051111A051C ] \Device\Harddisk0\DR0\Partition7 12:02:08.0126 0x01b0 \Device\Harddisk0\DR0\Partition7 - ok 12:02:08.0126 0x01b0 [ B5F17FBDCE0DD41D97D17CE3DF5976F7 ] \Device\Harddisk1\DR1\Partition1 12:02:08.0126 0x01b0 \Device\Harddisk1\DR1\Partition1 - ok 12:02:08.0141 0x01b0 [ A689C00E7EE6D1C83B8E707C569F1F00 ] \Device\Harddisk2\DR2\Partition1 12:02:08.0157 0x01b0 \Device\Harddisk2\DR2\Partition1 - ok 12:02:08.0157 0x01b0 
================ Scan generic autorun ====================== 12:02:08.0298 0x01b0 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 12:02:08.0407 0x01b0 RTHDVCPL - ok 12:02:08.0438 0x01b0 [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 12:02:08.0454 0x01b0 RtHDVBg_DTS - ok 12:02:08.0501 0x01b0 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe 12:02:08.0532 0x01b0 IntelliPoint - ok 12:02:08.0563 0x01b0 [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 12:02:08.0563 0x01b0 StartCCC - ok 12:02:08.0579 0x01b0 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 12:02:08.0579 0x01b0 BCSSync - ok 12:02:08.0633 0x01b0 [ 90F08C914B0492762B6A8A99703FFA2E, D3EDEF6E285E6FC63E06EA820C1D598AE3574A2AA1567809E1AA073919C82406 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe 12:02:08.0658 0x01b0 Malwarebytes Anti-Exploit - ok 12:02:08.0658 0x01b0 Dropbox - ok 12:02:08.0674 0x01b0 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 12:02:08.0689 0x01b0 SunJavaUpdateSched - ok 12:02:08.0721 0x01b0 OneDriveSetup - ok 12:02:08.0721 0x01b0 OneDriveSetup - ok 12:02:08.0721 0x01b0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe 12:02:08.0721 0x01b0 Google Update - ok 12:02:08.0736 0x01b0 [ 
F32DC30C69DE1E1A7396E2F56AE3CCF5, 0C93F594719E1787CEDF34187B62940F28DC8C64E89B979053F987CF405C744E ] C:\Users\*****\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe 12:02:08.0752 0x01b0 WEB.DE Application {sync-000021} - ok 12:02:08.0799 0x01b0 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe 12:02:08.0830 0x01b0 HP Photosmart Plus B210 series (NET) - ok 12:02:08.0892 0x01b0 [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe 12:02:08.0924 0x01b0 HP ENVY 4500 series (NET) - ok 12:02:08.0939 0x01b0 [ C2D2FFD27F46815951C9562F0A2EC864, 892A5DC5C3D797E3FD36230710BA9AF43ADA5CDFD19A03268D20D5A9DA3CCB3A ] C:\Users\*****\AppData\Local\Microsoft\OneDrive\OneDrive.exe 12:02:08.0955 0x01b0 OneDrive - ok 12:02:08.0955 0x01b0 Speech Recognition - ok 12:02:09.0124 0x01b0 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe 12:02:09.0284 0x01b0 CCleaner Monitoring - ok 12:02:09.0284 0x01b0 Skype - ok 12:02:09.0300 0x01b0 [ 85456F8A40C3248C63E34A733AE96833, 1548FB3A219363D552ED408E1A9067E5710E209CEF3803201B9931A131E4603C ] C:\Program Files\Sandboxie\SbieCtrl.exe 12:02:09.0315 0x01b0 SandboxieControl - ok 12:02:09.0347 0x01b0 [ 5B48CA36D366B319C327F99766986CEB, 30AC702B882B440F4DBA59590F9FB2A0CD4D4E4F4CD986CA57C7D5E96021A6C0 ] C:\Users\*****\AppData\Local\Snip\Snip.exe 12:02:09.0362 0x01b0 Snip - ok 12:02:09.0362 0x01b0 OneDriveSetup - ok 12:02:09.0362 0x01b0 OneDriveSetup - ok 12:02:09.0362 0x01b0 Waiting for KSN requests completion. In queue: 44 12:02:10.0384 0x01b0 Waiting for KSN requests completion. In queue: 17 12:02:11.0399 0x01b0 Waiting for KSN requests completion. 
In queue: 17 12:02:11.0743 0x1fbc Object required for P2P: [ 20E2D894031B5769482148A4166B29A0 ] Unchecky 12:02:12.0415 0x01b0 Waiting for KSN requests completion. In queue: 16 12:02:13.0416 0x01b0 Waiting for KSN requests completion. In queue: 16 12:02:14.0260 0x1fbc Object send P2P result: true 12:02:14.0503 0x01b0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated ) 12:02:14.0513 0x01b0 Win FW state via NFP2: enabled ( trusted ) 12:02:16.0916 0x01b0 ============================================================ 12:02:16.0916 0x01b0 Scan finished 12:02:16.0916 0x01b0 ============================================================ 12:02:16.0928 0x14a0 Detected object count: 0 12:02:16.0928 0x14a0 Actual detected object count: 0 12:02:43.0960 0x1454 Deinitialize success verrant |
24.10.2015, 09:38 | #4 |
/// the machine /// TB trainer | Misclick at ww1.virus-total. de ee Clear the browser cache and the temporary files via Disk Cleanup and restart the computer.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No support via PM! |
25.10.2015, 11:04 | #5 |
| Misclick at ww1.virus-total. de ee Hello Schrauber. Browser cache(s), Chrome, FF, Opera, deleted via Disk Cleanup. Bluescreen. Read out the error message with BlueScreenView. The same error as last time. Code:
Dump File | 102415-11218-01.dmp | 101115-11046-01.dmp
Crash Time | 24.10.2015 11:19:56 | 11.10.2015 10:47:26
Bug Check String | BAD_POOL_HEADER | BAD_POOL_HEADER
Bug Check Code | 0x00000019 | 0x00000019
Parameter 1 | 00000000`00000020 | 00000000`00000020
Parameter 2 | ffffe000`466df770 | ffffe001`89937970
Parameter 3 | ffffe000`466df790 | ffffe001`89937990
Parameter 4 | 00000000`04020004 | 00000000`04020029
Caused By Driver | tcpip.sys | tcpip.sys
Caused By Address | tcpip.sys+81351 | tcpip.sys+81351
File Description | |
Product Name | |
Company | |
File Version | |
Processor | x64 | x64
Crash Address | ntoskrnl.exe+14e2e0 | ntoskrnl.exe+14e240
Stack Address 1 | |
Stack Address 2 | |
Stack Address 3 | |
Computer Name | |
Full Path | C:\WINDOWS\Minidump\102415-11218-01.dmp | C:\WINDOWS\Minidump\101115-11046-01.dmp
Processors Count | 4 | 4
Major Version | 15 | 15
Minor Version | 10240 | 10240
Dump File Size | 281.832 | 281.832
Dump File Time | 24.10.2015 11:22:01 | 11.10.2015 10:48:18
Code:
ATTFilter Filename Address In Stack From Address To Address Size Time Stamp Time String Product Name File Description File Version Company Full Path ntoskrnl.exe ntoskrnl.exe+273fe8 fffff801`6e213000 fffff801`6ea65000 0x00852000 0x560ca418 01.10.2015 04:10:16 tcpip.sys tcpip.sys+81351 fffff800`0aa00000 fffff800`0ac5f000 0x0025f000 0x55fa5310 17.09.2015 06:43:44 hal.dll fffff801`6ea65000 fffff801`6ead6000 0x00071000 0x55a86499 17.07.2015 03:12:41 kd.dll fffff801`6caab000 fffff801`6cab6000 0x0000b000 0x559f388f 10.07.2015 04:14:23 mcupdate_GenuineIntel.dll fffff800`0a550000 fffff800`0a5dd000 0x0008d000 0x559f389c 10.07.2015 04:14:36 werkernel.sys fffff800`0a5e0000 fffff800`0a5f0000 0x00010000 0x559f390f 10.07.2015 04:16:31 CLFS.SYS fffff800`09c00000 fffff800`09c64000 0x00064000 0x559f3840 10.07.2015 04:13:04 tm.sys fffff800`09c70000 fffff800`09c93000 0x00023000 0x559f3834 10.07.2015 04:12:52 PSHED.dll fffff800`09ca0000 fffff800`09cb7000 0x00017000 0x559f3839 10.07.2015 04:12:57 Betriebssystem Microsoft® Windows® Plattformspezifischer Hardwarefehlertreiber 10.0.10240.16384 (th1.150709-1700) Microsoft Corporation C:\WINDOWS\system32\PSHED.dll BOOTVID.dll fffff800`09cc0000 fffff800`09ccb000 0x0000b000 0x559f3834 10.07.2015 04:12:52 Microsoft® Windows® Operating System VGA Boot Driver 10.0.10240.16384 (th1.150709-1700) Microsoft Corporation C:\WINDOWS\system32\BOOTVID.dll cmimcext.sys fffff800`09cd0000 001ffa87`09cde000 0x002002870000e000 0x559f3834 10.07.2015 04:12:52 ntosext.sys fffff800`09ce0000 ffffc800`09cec000 0xffffd0000000c000 0x559f3834 10.07.2015 04:12:52 CI.dll fffff800`09cf0000 fffff800`09d89000 0x00099000 0x55d55f27 20.08.2015 06:01:27 msrpc.sys fffff800`09d90000 fffff800`09dec000 0x0005c000 0x559f388f 10.07.2015 04:14:23 FLTMGR.SYS fffff800`09df0000 fffff800`09e52000 0x00062000 0x559f383f 10.07.2015 04:13:03 ksecdd.sys fffff800`09e60000 fffff800`09e87000 0x00027000 0x559f388b 10.07.2015 04:14:19 clipsp.sys fffff800`09e90000 fffff800`09f2c000 0x0009c000 
0x559f39a5 10.07.2015 04:19:01 Wdf01000.sys fffff800`09f30000 fffff800`0a00c000 0x000dc000 0x55fa52b2 17.09.2015 06:42:10 WDFLDR.SYS fffff800`0a010000 fffff800`0a023000 0x00013000 0x559f3835 10.07.2015 04:12:53 acpiex.sys fffff800`0a030000 fffff800`0a053000 0x00023000 0x559f38ba 10.07.2015 04:15:06 WppRecorder.sys fffff800`0a060000 fffff800`0a06d000 0x0000d000 0x559f3835 10.07.2015 04:12:53 cng.sys fffff800`0a070000 fffff800`0a108000 0x00098000 0x55a866c4 17.07.2015 03:21:56 ACPI.sys fffff800`0a110000 fffff800`0a1a0000 0x00090000 0x55af1117 22.07.2015 04:42:15 WMILIB.SYS fffff800`0a1a0000 fffff800`0a1ac000 0x0000c000 0x559f3834 10.07.2015 04:12:52 WindowsTrustedRT.sys fffff800`0a1c0000 fffff800`0a1df000 0x0001f000 0x559f386c 10.07.2015 04:13:48 WindowsTrustedRTProxy.sys fffff800`0a1e0000 fffff800`0a1eb000 0x0000b000 0x559f386b 10.07.2015 04:13:47 pcw.sys fffff800`0a1f0000 fffff800`0a202000 0x00012000 0x559f3834 10.07.2015 04:12:52 msisadrv.sys fffff800`0a210000 fffff800`0a21b000 0x0000b000 0x559f3a0d 10.07.2015 04:20:45 pci.sys fffff800`0a220000 fffff800`0a275000 0x00055000 0x55a5ba1c 15.07.2015 02:40:44 vdrvroot.sys fffff800`0a280000 fffff800`0a28f000 0x0000f000 0x559f394b 10.07.2015 04:17:31 pdc.sys fffff800`0a290000 fffff800`0a2ae000 0x0001e000 0x55fa528d 17.09.2015 06:41:33 CEA.sys fffff800`0a2b0000 40f10ddb`0a2c9000 0x40f115db00019000 0x559f38a5 10.07.2015 04:14:45 partmgr.sys fffff800`0a2d0000 fffff800`0a2f2000 0x00022000 0x559f383b 10.07.2015 04:12:59 spaceport.sys fffff800`0a300000 fffff800`0a378000 0x00078000 0x559f3a28 10.07.2015 04:21:12 volmgr.sys fffff800`0a380000 fffff800`0a398000 0x00018000 0x559f383c 10.07.2015 04:13:00 volmgrx.sys fffff800`0a3a0000 fffff800`0a3fe000 0x0005e000 0x559f3840 10.07.2015 04:13:04 mountmgr.sys fffff800`0a400000 fffff800`0a41d000 0x0001d000 0x55c02a2d 04.08.2015 03:57:49 storahci.sys fffff800`0a420000 fffff800`0a445000 0x00025000 0x559f3a43 10.07.2015 04:21:39 storport.sys fffff800`0a450000 fffff800`0a4c1000 0x00071000 
0x55c9baf6 11.08.2015 10:05:58 EhStorClass.sys fffff800`0a4d0000 fffff800`0a4ec000 0x0001c000 0x559f3b69 10.07.2015 04:26:33 fileinfo.sys fffff800`0a4f0000 fffff800`0a509000 0x00019000 0x559f38b1 10.07.2015 04:14:57 Wof.sys fffff800`0a510000 fffff800`0a548000 0x00038000 0x55c2c2d7 06.08.2015 03:13:43 WdFilter.sys fffff800`0b570000 fffff800`0b5bb000 0x0004b000 0x559f39a9 10.07.2015 04:19:05 NTFS.sys fffff800`0a600000 fffff800`0a810000 0x00210000 0x55b99edf 30.07.2015 04:49:51 Fs_Rec.sys fffff800`0a810000 fffff800`0a81d000 0x0000d000 0x559f3834 10.07.2015 04:12:52 ndis.sys fffff800`0a820000 fffff800`0a946000 0x00126000 0x55fa52f8 17.09.2015 06:43:20 NETIO.SYS fffff800`0a950000 fffff800`0a9c6000 0x00076000 0x559f3890 10.07.2015 04:14:24 ksecpkg.sys fffff800`0a9d0000 fffff800`0a9fd000 0x0002d000 0x559f3994 10.07.2015 04:18:44 fwpkclnt.sys fffff800`0ac60000 fffff800`0acc6000 0x00066000 0x55fa52e3 17.09.2015 06:42:59 wfplwfs.sys fffff800`0acd0000 fffff800`0acfa000 0x0002a000 0x559f3ab4 10.07.2015 04:23:32 btath_bus.sys fffff800`0ad00000 fffff800`0ad0d000 0x0000d000 0x52dd30a5 20.01.2014 15:20:21 fvevol.sys fffff800`0ad10000 fffff800`0adaf000 0x0009f000 0x559f38b9 10.07.2015 04:15:05 volsnap.sys fffff800`0adb0000 fffff800`0ae10000 0x00060000 0x559f383d 10.07.2015 04:13:01 rdyboost.sys fffff800`0ae10000 fffff800`0ae54000 0x00044000 0x55c2c2e2 06.08.2015 03:13:54 mup.sys fffff800`0ae60000 fffff800`0ae83000 0x00023000 0x559f38ba 10.07.2015 04:15:06 disk.sys fffff800`0aea0000 fffff800`0aebe000 0x0001e000 0x559f383b 10.07.2015 04:12:59 CLASSPNP.SYS fffff800`0aec0000 fffff800`0af20000 0x00060000 0x559f383f 10.07.2015 04:13:03 crashdmp.sys fffff800`0af40000 fffff800`0af59000 0x00019000 0x559f3a17 10.07.2015 04:20:55 cdrom.sys fffff800`0b020000 fffff800`0b051000 0x00031000 0x559f383c 10.07.2015 04:13:00 filecrypt.sys fffff800`0b060000 fffff800`0b07c000 0x0001c000 0x559f3897 10.07.2015 04:14:31 tbs.sys fffff800`0b080000 fffff800`0b08c000 0x0000c000 0x559f38b3 10.07.2015 04:14:59 
mbamchameleon.sys fffff800`0b090000 fffff800`0b0ae000 0x0001e000 0x554cf757 08.05.2015 18:50:15 Null.SYS fffff800`0b0b0000 fffff800`0b0ba000 0x0000a000 0x00000000 Beep.SYS fffff800`0b0c0000 fffff800`0b0ca000 0x0000a000 0x559f3a0a 10.07.2015 04:20:42 BasicDisplay.sys fffff800`0b0d0000 fffff800`0b0e4000 0x00014000 0x559f390c 10.07.2015 04:16:28 watchdog.sys fffff800`0b0f0000 fffff800`0b105000 0x00015000 0x559f390b 10.07.2015 04:16:27 dxgkrnl.sys fffff800`0b110000 fffff800`0b2f9000 0x001e9000 0x55fa5392 17.09.2015 06:45:54 BasicRender.sys fffff800`0b300000 fffff800`0b312000 0x00012000 0x559f3911 10.07.2015 04:16:33 Npfs.SYS fffff800`0b320000 fffff800`0b338000 0x00018000 0x559f3835 10.07.2015 04:12:53 Msfs.SYS fffff800`0b340000 fffff800`0b34f000 0x0000f000 0x559f3835 10.07.2015 04:12:53 tdx.sys fffff800`0b350000 fffff800`0b371000 0x00021000 0x559f3889 10.07.2015 04:14:17 TDI.SYS fffff800`0b380000 fffff800`0b38f000 0x0000f000 0x559f3888 10.07.2015 04:14:16 netbt.sys fffff800`0b390000 fffff800`0b3d9000 0x00049000 0x559f3890 10.07.2015 04:14:24 afd.sys fffff800`0b3e0000 fffff800`0b472000 0x00092000 0x559f389a 10.07.2015 04:14:34 vwififlt.sys fffff800`0b480000 fffff800`0b499000 0x00019000 0x559f3a71 10.07.2015 04:22:25 pacer.sys fffff800`0b4a0000 fffff800`0b4cb000 0x0002b000 0x559f3a80 10.07.2015 04:22:40 netbios.sys fffff800`0b4d0000 fffff800`0b4e2000 0x00012000 0x559f3a77 10.07.2015 04:22:31 rdbss.sys fffff800`0b4f0000 fffff800`0b562000 0x00072000 0x559f3b6d 10.07.2015 04:26:37 csc.sys fffff800`0c7b0000 fffff800`0c83c000 0x0008c000 0x559f3b6a 10.07.2015 04:26:34 UimFIO.SYS fffff800`0c8f0000 fffff800`0c975a00 0x00085a00 0x536ca082 09.05.2014 10:31:46 nsiproxy.sys fffff800`0c9b0000 fffff800`0c9c0000 0x00010000 0x559f3893 10.07.2015 04:14:27 npsvctrig.sys fffff800`0c9c0000 fffff800`0c9cd000 0x0000d000 0x559f3897 10.07.2015 04:14:31 mssmbios.sys fffff800`0c9d0000 fffff800`0c9e0000 0x00010000 0x559f3891 10.07.2015 04:14:25 gpuenergydrv.sys fffff800`0c9e0000 fffff800`0c9ea000 
0x0000a000 0x559f3bb5 10.07.2015 04:27:49 mbae64.sys fffff800`0c9f0000 fffff800`0c9fd780 0x0000d780 0x540df503 08.09.2014 19:27:15 dfsc.sys fffff800`0b800000 fffff800`0b829000 0x00029000 0x559f3b62 10.07.2015 04:26:26 ahcache.sys fffff800`0b850000 fffff800`0b88b000 0x0003b000 0x559f3b67 10.07.2015 04:26:31 CompositeBus.sys fffff800`0b890000 fffff800`0b8a1000 0x00011000 0x559f3a0b 10.07.2015 04:20:43 serscan.sys fffff800`0b8b0000 fffff800`0b8bb000 0x0000b000 0x559f3979 10.07.2015 04:18:17 ksthunk.sys fffff800`0b8c0000 fffff800`0b8ce000 0x0000e000 0x559f3da3 10.07.2015 04:36:03 ks.sys fffff800`0b8d0000 fffff800`0b936000 0x00066000 0x559f3a18 10.07.2015 04:20:56 kdnic.sys fffff800`0b940000 fffff800`0b94d000 0x0000d000 0x559f3a31 10.07.2015 04:21:21 umbus.sys fffff800`0b950000 fffff800`0b965000 0x00015000 0x559f3a19 10.07.2015 04:20:57 atikmpag.sys fffff800`0b970000 fffff800`0ba19000 0x000a9000 0x55d7d41c 22.08.2015 02:45:00 atikmdag.sys fffff800`0e8d0000 fffff800`0fddf000 0x0150f000 0x55d7d9fb 22.08.2015 03:10:03 HDAudBus.sys fffff800`0e000000 fffff800`0e01b000 0x0001b000 0x559f3a57 10.07.2015 04:21:59 portcls.sys fffff800`0e020000 fffff800`0e076000 0x00056000 0x55fa54a9 17.09.2015 06:50:33 drmk.sys fffff800`0e080000 fffff800`0e0a1000 0x00021000 0x559f3a3e 10.07.2015 04:21:34 TeeDriverx64.sys fffff800`0e0b0000 fffff800`0e0cc000 0x0001c000 0x51d31e10 02.07.2013 19:38:08 usbehci.sys fffff800`0e0d0000 fffff800`0e0ec000 0x0001c000 0x559f3b76 10.07.2015 04:26:46 USBPORT.SYS fffff800`0e0f0000 fffff800`0e166000 0x00076000 0x559f3a42 10.07.2015 04:21:38 USBXHCI.SYS fffff800`0e170000 fffff800`0e1d0000 0x00060000 0x55d2d74f 18.08.2015 07:57:19 ucx01000.sys fffff800`0e1d0000 fffff800`0e208000 0x00038000 0x559f3a57 10.07.2015 04:21:59 rt640x64.sys fffff800`0e210000 fffff800`0e2a3000 0x00093000 0x551c01f7 01.04.2015 15:34:31 1394ohci.sys fffff800`0e2b0000 fffff800`0e2f0000 0x00040000 0x559f3a32 10.07.2015 04:21:22 i8042prt.sys fffff800`0e2f0000 fffff800`0e312000 0x00022000 
0x559f3a14 10.07.2015 04:20:52 i8042HDR.sys fffff800`0e320000 fffff800`0e328000 0x00008000 0x456170c5 20.11.2006 10:09:25 kbdclass.sys fffff800`0e330000 fffff800`0e343000 0x00013000 0x559f3a15 10.07.2015 04:20:53 serial.sys fffff800`0e350000 fffff800`0e36b000 0x0001b000 0x559f3a12 10.07.2015 04:20:50 serenum.sys fffff800`0e370000 fffff800`0e37f000 0x0000f000 0x559f3a0a 10.07.2015 04:20:42 intelppm.sys fffff800`0e380000 fffff800`0e3a9000 0x00029000 0x559f383b 10.07.2015 04:12:59 wmiacpi.sys fffff800`0e3b0000 fffff800`0e3bc000 0x0000c000 0x559f38b8 10.07.2015 04:15:04 NdisVirtualBus.sys fffff800`0e3c0000 fffff800`0e3cd000 0x0000d000 0x559f3a7a 10.07.2015 04:22:34 swenum.sys fffff800`0e3d0000 fffff800`0e3dc000 0x0000c000 0x559f3a0b 10.07.2015 04:20:43 rdpbus.sys fffff800`0e3e0000 fffff800`0e3ee000 0x0000e000 0x559f3b03 10.07.2015 04:24:51 fastfat.SYS fffff800`0e3f0000 fffff800`0e445000 0x00055000 0x55fa52e6 17.09.2015 06:43:02 usbhub.sys fffff800`0e450000 fffff800`0e4cf000 0x0007f000 0x5604b9df 25.09.2015 04:05:03 USBD.SYS fffff800`0e4d0000 fffff800`0e4de000 0x0000e000 0x559f3a12 10.07.2015 04:20:50 UsbHub3.sys fffff800`0e4e0000 fffff800`0e564000 0x00084000 0x55fa54a9 17.09.2015 06:50:33 AtihdWT6.sys fffff800`0e570000 fffff800`0e58e000 0x0001e000 0x5563caaf 26.05.2015 02:21:51 RTKVHD64.sys fffff800`0ba20000 fffff800`0bea2000 0x00482000 0x55800089 16.06.2015 11:55:05 netr28ux.sys fffff800`0e590000 fffff800`0e7b2000 0x00222000 0x53912405 06.06.2014 03:14:29 vwifibus.sys fffff800`0e7c0000 fffff800`0e7ce000 0x0000e000 0x559f3a7a 10.07.2015 04:22:34 usbccgp.sys fffff800`0e7d0000 fffff800`0e7fb000 0x0002b000 0x559f3a15 10.07.2015 04:20:53 hidusb.sys fffff800`0e800000 fffff800`0e811000 0x00011000 0x559f3a1c 10.07.2015 04:21:00 HIDCLASS.SYS fffff800`0e820000 fffff800`0e84d000 0x0002d000 0x559f3a21 10.07.2015 04:21:05 HIDPARSE.SYS fffff800`0e850000 fffff800`0e861000 0x00011000 0x559f3a18 10.07.2015 04:20:56 usbaudio.sys fffff800`0e870000 fffff800`0e896000 0x00026000 0x559f3a46 
10.07.2015 04:21:42 mouhid.sys fffff800`0e8a0000 fffff800`0e8af000 0x0000f000 0x559f3a14 10.07.2015 04:20:52 point64.sys fffff800`0e8b0000 fffff800`0e8c0000 0x00010000 0x4dd37e38 18.05.2011 09:07:20 mouclass.sys fffff800`0fde0000 fffff800`0fdf2000 0x00012000 0x559f3a11 10.07.2015 04:20:49 btfilter.sys fffff800`0beb0000 fffff800`0bf57000 0x000a7000 0x5359d020 25.04.2014 04:01:52 BTHUSB.sys fffff800`0bf60000 fffff800`0bf7c000 0x0001c000 0x559f3b68 10.07.2015 04:26:32 bthport.sys fffff800`0bf80000 fffff800`0c06a000 0x000ea000 0x55fa54a3 17.09.2015 06:50:27 win32k.sys fffff960`ed9c0000 fffff960`ed9e3000 0x00023000 0x559f3900 10.07.2015 04:16:16 win32kfull.sys fffff960`eca00000 fffff960`ecd81000 0x00381000 0x5604b8f7 25.09.2015 04:01:11 win32kbase.sys fffff960`ecd90000 fffff960`eceef000 0x0015f000 0x5604b8d6 25.09.2015 04:00:38 dump_diskdump.sys fffff800`0c560000 fffff800`0c56f000 0x0000f000 0x559f3a0e 10.07.2015 04:20:46 dump_storahci.sys fffff800`0c5a0000 fffff800`0c5c5000 0x00025000 0x559f3a43 10.07.2015 04:21:39 dump_dumpfve.sys fffff800`0c5f0000 fffff800`0c60a000 0x0001a000 0x559f3891 10.07.2015 04:14:25 dxgmms1.sys fffff800`0c610000 fffff800`0c675000 0x00065000 0x55fa55ae 17.09.2015 06:54:54 monitor.sys fffff800`0c680000 fffff800`0c690000 0x00010000 0x559f3900 10.07.2015 04:16:16 dxgmms2.sys fffff800`0c690000 fffff800`0c710000 0x00080000 0x55fa55af 17.09.2015 06:54:55 BthEnum.sys fffff800`0c710000 fffff800`0c730000 0x00020000 0x559f3a4f 10.07.2015 04:21:51 TSDDD.dll fffff960`ecf00000 fffff960`ecf0a000 0x0000a000 0x559f3b02 10.07.2015 04:24:50 bthpan.sys fffff800`0c730000 fffff800`0c755000 0x00025000 0x559f3a7b 10.07.2015 04:22:35 rfcomm.sys fffff800`0c760000 fffff800`0c78f000 0x0002f000 0x559f3a3e 10.07.2015 04:21:34 ATMFD.DLL fffff960`ecf50000 fffff960`ecfb0000 0x00060000 0x55dea620 27.08.2015 06:54:40 Adobe Type Manager Windows NT OpenType/Type 1 Font Driver 5.1 Build 246 Adobe Systems Incorporated C:\WINDOWS\system32\ATMFD.DLL storqosflt.sys fffff800`0c790000 
fffff800`0c7a5000 0x00015000 0x559f394b 10.07.2015 04:17:31 luafv.sys fffff800`0c840000 fffff800`0c866000 0x00026000 0x559f389a 10.07.2015 04:14:34 SbieDrv.sys fffff800`0c870000 fffff800`0c8a3000 0x00033000 0x56005598 21.09.2015 20:08:08 lltdio.sys fffff800`0c8b0000 fffff800`0c8c6000 0x00016000 0x559f3a99 10.07.2015 04:23:05 mslldp.sys fffff800`0c8d0000 fffff800`0c8ea000 0x0001a000 0x559f3aa6 10.07.2015 04:23:18 rspndr.sys fffff800`0c980000 fffff800`0c99a000 0x0001a000 0x559f3a95 10.07.2015 04:23:01 ndisuio.sys fffff800`0b830000 fffff800`0b846000 0x00016000 0x559f3a7e 10.07.2015 04:22:38 nwifi.sys fffff800`0c070000 fffff800`0c0f8000 0x00088000 0x559f3a99 10.07.2015 04:23:05 HTTP.sys fffff800`0c100000 fffff800`0c1fe000 0x000fe000 0x559f3899 10.07.2015 04:14:33 bowser.sys fffff800`0c200000 fffff800`0c222000 0x00022000 0x559f38b5 10.07.2015 04:15:01 mrxsmb.sys fffff800`0c230000 fffff800`0c2a0000 0x00070000 0x559f3b91 10.07.2015 04:27:13 mrxsmb20.sys fffff800`0c2a0000 fffff800`0c2de000 0x0003e000 0x559f3bab 10.07.2015 04:27:39 mpsdrv.sys fffff800`0c2e0000 fffff800`0c2f9000 0x00019000 0x559f3a95 10.07.2015 04:23:01 srvnet.sys fffff800`0c3b0000 fffff800`0c3f2000 0x00042000 0x559f38dd 10.07.2015 04:15:41 srv2.sys fffff800`0c400000 fffff800`0c4ac000 0x000ac000 0x559f3b73 10.07.2015 04:26:43 mbam.sys fffff800`0c4b0000 fffff800`0c4ba000 0x0000a000 0x55ca3257 11.08.2015 18:35:19 mmcss.sys fffff800`0c4c0000 fffff800`0c4d4000 0x00014000 0x559f383c 10.07.2015 04:13:00 mrxsmb10.sys fffff800`0c4e0000 fffff800`0c52e000 0x0004e000 0x559f3bac 10.07.2015 04:27:40 Ndu.sys fffff800`0c530000 fffff800`0c556000 0x00026000 0x559f3a77 10.07.2015 04:22:31 peauth.sys fffff800`0af60000 fffff800`0b020000 0x000c0000 0x559f399e 10.07.2015 04:18:54 speedfan.sys fffff800`0c9a0000 fffff800`0c9aa000 0x0000a000 0x50df59b7 29.12.2012 21:59:35 SpeedFan SpeedFan x64 Driver X2.03.11 Almico Software C:\WINDOWS\system32\speedfan.sys srv.sys fffff800`0c300000 fffff800`0c38c000 0x0008c000 0x559f3b71 10.07.2015 
04:26:41 tcpipreg.sys fffff800`0c390000 fffff800`0c3a4000 0x00014000 0x559f3a70 10.07.2015 04:22:24 WdNisDrv.sys fffff800`0b5c0000 fffff800`0b5e2000 0x00022000 0x559f39ab 10.07.2015 04:19:07 vwifimp.sys fffff800`10830000 fffff800`10841000 0x00011000 0x559f3a6e 10.07.2015 04:22:22 condrv.sys fffff800`10850000 fffff800`10861000 0x00011000 0x559f3835 10.07.2015 04:12:53 tunnel.sys fffff800`108d0000 fffff800`108ff000 0x0002f000 0x55b99df2 30.07.2015 04:45:54 rdpvideominiport.sys fffff800`0ff00000 fffff800`0ff0d000 0x0000d000 0x559f3868 10.07.2015 04:13:44 cdd.dll fffff960`ed030000 fffff960`ed06c000 0x0003c000 0x00000000 MBAMSwissArmy.sys fffff800`10170000 fffff800`101a3000 0x00033000 0x55b855d9 29.07.2015 05:26:01 mwac.sys fffff800`101b0000 fffff800`101c3000 0x00013000 0x53a0f444 18.06.2014 03:07:00 Wegen der Anzeige in Chrome auf höhe der Fensterleiste: Ich habe ein zweites Konto in google angelegt. Kann es sich also um ein echtes Chrome-Gimmik handeln? Weil die drei von mir nicht ausgewählten Addons installiert werden sollten, war ich misstrauisch geworden. Beste Grüsse verrant |
25.10.2015, 20:16 | #6 |
/// the machine /// TB trainer | I don't understand what you mean about Chrome. The bluescreen points to the disk or the RAM.
25.10.2015, 20:52 | #7 |
| Hi Schrauber. Chrome: Apparently you can have more than one account with Google. I created one before posting here. Could it be that such a button then appears in the title bar, as I described in the first post, in the 2nd paragraph, beginning with "In Chrome, at the top right, there are the ..."? That is, officially placed there and offered by Google to make user management easier in the active Chrome window, so that this observation of mine is not an indication of a bug or an infection at all? Disk or RAM? How do I narrow that down further? Are you the right person to ask, or is a hardware forum the right place for this? And somehow mouse clicks no longer work as usual. Instead of one click and an action, I have to click a button or link several times before something finally happens. This first occurred today. Regards, verrant Last edited by verrant (25.10.2015 at 21:18) |
26.10.2015, 18:54 | #8 |
/// the machine /// TB trainer | Please check the hard disk: Finding out the condition of the hard disk - how to do it - Guides. Regarding Chrome: I can't say with certainty, since I don't have 2 accounts and don't use Chrome. Have a look here: Using Google Chrome with multiple profiles - NETZWELT
27.10.2015, 16:22 | #9 |
| Hi. The hard disk tests: Code:
ATTFilter ---------------------------------------------------------------------------- CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo Crystal Dew World : http://crystalmark.info/ ---------------------------------------------------------------------------- OS : Windows 10 Professional [10.0 Build 10240] (x64) Date : 2015/10/27 16:08:18 -- Controller Map ---------------------------------------------------------- + Standardmäßiger SATA AHCI- Controller [ATA] - ATAPI iHAS324 B + Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C02 [ATA] - OCZ-VERTEX3 - WDC WD5000AAKX-001CA0 - WDC WD5000AAVS-00ZTB0 - Microsoft-Controller für Speicherplätze [SCSI] -- Disk List --------------------------------------------------------------- (1) OCZ-VERTEX3 : 120,0 GB [0/1/0, pd1] - sf (2) WDC WD5000AAKX-001CA0 : 500,1 GB [1/1/0, pd1] - wd (3) WDC WD5000AAVS-00ZTB0 : 500,1 GB [2/1/0, pd1] - wd ---------------------------------------------------------------------------- (1) OCZ-VERTEX3 ---------------------------------------------------------------------------- Model : OCZ-VERTEX3 Firmware : 2.25 Serial Number : OCZ-G7K07UA4FV249Z6K Disk Size : 120,0 GB (8,4/120,0/120,0/120,0) Buffer Size : Unbekannt Queue Depth : 32 # of Sectors : 234441648 Rotation Rate : ---- (SSD) Interface : Serial ATA Major Version : ATA8-ACS Minor Version : ACS-2 Revision 3 Transfer Mode : SATA/600 | SATA/600 Power On Hours : 7435 Std. Power On Count : 1473 mal Host Reads : 20327 GB Host Writes : 10358 GB Temperature : 30 C (86 F) Health Status : Gut (100 %) Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM APM Level : 00FEh [ON] AAM Level : ---- -- S.M.A.R.T. 
-------------------------------------------------------------- ID Cur Wor Thr Raw Values (7) Attribute Name 01 104 104 _50 0000000075CE8A Lesefehlerrate (roh) 05 100 100 __3 00000000000001 Schadhafte Blöcke 09 _92 _92 __0 05870A00001D0B Betriebsstunden 0C _99 _99 __0 000000000005C1 Geräte-Einschaltvorgänge AB __0 __0 __0 00000000000000 Programmfehler AC __0 __0 __0 00000000000000 Löschfehler AE __0 __0 __0 00000000000206 Unerwartete Spannungsabfälle B1 __0 __0 __0 00000000000005 Abnutzungsbereichsdelta B5 __0 __0 __0 00000000000000 Programmfehler B6 __0 __0 __0 00000000000000 Löschfehler BB 100 100 __0 00000000000000 Gemeldete nicht korrigierbare Fehler C2 _30 _30 __0 00001E001E001E Temperatur C3 120 120 __0 0000000075CE8A ECC On-the-fly-Anzahl C4 100 100 __3 00000000000001 Wiederzuweisungsereignisse C9 120 120 __0 0000000075CE8A Nicht korrigierbare Software-Lesefehler CC 120 120 __0 0000000075CE8A Software ECC-Korrektur E6 100 100 __0 00000000000064 Status der Lebensdauerkurve E7 100 100 _10 00000000000000 Verbleibende SSD-Lebensdauer E9 __0 __0 __0 00000000002331 Herstellerspezifisch EA __0 __0 __0 00000000002876 Herstellerspezifisch F1 __0 __0 __0 00000000002876 Lebensdauer-Schreibvorgänge vom Host F2 __0 __0 __0 00000000004F67 Lebensdauer-Lesevorgänge vom Host -- IDENTIFY_DEVICE --------------------------------------------------------- 0 1 2 3 4 5 6 7 8 9 000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000 010: 4F43 5A2D 4737 4B30 3755 4134 4656 3234 395A 364B 020: 0000 0000 0004 322E 3235 2020 2020 4F43 5A2D 5645 030: 5254 4558 3320 2020 2020 2020 2020 2020 2020 2020 040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00 050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110 060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 4200 070: 0000 0000 0000 0000 0000 001F C70E 0006 004C 0040 080: 01FC 0110 746B 7409 6163 7429 B409 6163 207F 0001 090: 0000 00FE FFFE 0000 0000 0000 0000 0000 0000 0000 100: 4BB0 0DF9 0000 0000 0000 0001 4000 0000 5E83 A97F 110: E8FB 
2530 0000 0000 0000 0000 0000 0000 0000 401A 120: 4018 0000 0000 0000 0000 0000 0000 0000 0009 0000 130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001 170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 200: 0000 0000 0000 0000 0000 0000 0021 0000 0000 4000 210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000 220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000 230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 250: 0000 0000 0000 0000 0000 B1A5 -- SMART_READ_DATA --------------------------------------------------------- +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F 000: 0A 00 01 0F 00 68 68 8A CE 75 00 00 00 00 05 33 010: 00 64 64 01 00 00 00 00 00 00 09 32 00 5C 5C 0B 020: 1D 00 00 0A 87 05 0C 32 00 63 63 C1 05 00 00 00 030: 00 00 AB 32 00 00 00 00 00 00 00 00 00 00 AC 32 040: 00 00 00 00 00 00 00 00 00 00 AE 30 00 00 00 06 050: 02 00 00 00 00 00 B1 00 00 00 00 05 00 00 00 00 060: 00 00 B5 32 00 00 00 00 00 00 00 00 00 00 B6 32 070: 00 00 00 00 00 00 00 00 00 00 BB 32 00 64 64 00 080: 00 00 00 00 00 00 C2 22 00 1E 1E 1E 00 1E 00 1E 090: 00 00 C3 1C 00 78 78 8A CE 75 00 00 00 00 C4 33 0A0: 00 64 64 01 00 00 00 00 00 00 C9 1C 00 78 78 8A 0B0: CE 75 00 00 00 00 CC 1C 00 78 78 8A CE 75 00 00 0C0: 00 00 E6 13 00 64 64 64 00 00 00 00 00 00 E7 13 0D0: 00 64 64 00 00 00 00 00 00 00 E9 00 00 00 00 31 0E0: 23 00 00 00 00 00 EA 32 00 00 00 76 28 00 00 00 0F0: 00 00 F1 32 00 00 00 76 28 00 00 00 00 00 F2 32 100: 00 00 00 67 4F 00 00 00 00 00 00 00 00 00 00 00 110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 140: 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7B 170: 03 00 01 00 01 30 02 00 00 00 00 00 00 00 00 00 180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AA -- SMART_READ_THRESHOLD ---------------------------------------------------- +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F 000: 0A 00 01 32 00 00 00 00 00 00 00 00 00 00 05 03 010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00 020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00 030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00 040: 00 00 00 00 00 00 00 00 00 00 AE 00 00 00 00 00 050: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00 060: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00 070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00 080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C4 03 0A0: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00 0B0: 00 00 00 00 00 00 CC 00 00 00 00 00 00 00 00 00 0C0: 00 00 E6 00 00 00 00 00 00 00 00 00 00 00 E7 0A 0D0: 00 00 00 00 00 00 00 00 00 00 E9 00 00 00 00 00 0E0: 00 00 00 00 00 00 EA 00 00 00 00 00 00 00 00 00 0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00 100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 170: 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C ---------------------------------------------------------------------------- (2) WDC WD5000AAKX-001CA0 ---------------------------------------------------------------------------- Model : WDC WD5000AAKX-001CA0 Firmware : 15.01H15 Serial Number : WD-WCAYUR455166 Disk Size : 500,1 GB (8,4/137,4/500,1/500,1) Buffer Size : 16384 KB Queue Depth : 32 # of Sectors : 976773168 Rotation Rate : Unbekannt Interface : Serial ATA Major Version : ATA8-ACS Minor Version : ---- Transfer Mode : SATA/600 | SATA/600 Power On Hours : 7194 Std. Power On Count : 3153 mal Temperature : 35 C (95 F) Health Status : Gut Features : S.M.A.R.T., 48bit LBA, NCQ APM Level : ---- AAM Level : ---- -- S.M.A.R.T. 
-------------------------------------------------------------- ID Cur Wor Thr RawValues(6) Attribute Name 01 200 200 _51 000000000000 Lesefehlerrate 03 142 141 _21 000000000F3C Mittlere Anlaufzeit 04 _95 _95 __0 0000000016EA Start/Stopp-Zyklen der Spindel 05 200 200 140 000000000000 Wiederzugewiesene Sektoren 07 100 253 __0 000000000000 Suchfehler 09 _91 _91 __0 000000001C1A Betriebsstunden 0A 100 100 __0 000000000000 Misslungene Spindelanläufe 0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen 0C _97 _97 __0 000000000C51 Geräte-Einschaltvorgänge C0 200 200 __0 000000000199 Ausschaltungsabbrüche C1 199 199 __0 000000001550 Laden/Entladen-Zyklen C2 108 _91 __0 000000000023 Temperatur C4 200 200 __0 000000000000 Wiederzuweisungsereignisse C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler C8 200 200 __0 000000000000 Schreibfehlerrate -- IDENTIFY_DEVICE --------------------------------------------------------- 0 1 2 3 4 5 6 7 8 9 000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000 010: 2020 2020 2057 442D 5743 4159 5552 3435 3531 3636 020: 0000 8000 0032 3135 2E30 3148 3135 5744 4320 5744 030: 3530 3030 4141 4B58 2D30 3031 4341 3020 2020 2020 040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00 050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110 060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000 070: 0000 0000 0000 0000 0000 001F 170E 0006 0044 0040 080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 002D 090: 002D 0000 FFFE 0000 0000 0000 0000 0000 0000 0000 100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE1 110: 5956 5C2B 0000 0000 0000 0000 0000 0000 0000 4018 120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000 130: 0000 0000 0000 16FE 0125 0000 0000 0000 0000 0000 140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000 150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 170: 
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000 210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000 230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000 240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 250: 0000 0000 0000 0000 0000 92A5 -- SMART_READ_DATA --------------------------------------------------------- +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F 000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27 010: 00 8E 8D 3C 0F 00 00 00 00 00 04 32 00 5F 5F EA 020: 16 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00 030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32 040: 00 5B 5B 1A 1C 00 00 00 00 00 0A 32 00 64 64 00 050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00 060: 00 00 0C 32 00 61 61 51 0C 00 00 00 00 00 C0 32 070: 00 C8 C8 99 01 00 00 00 00 00 C1 32 00 C7 C7 50 080: 15 00 00 00 00 00 C2 22 00 6C 5B 23 00 00 00 00 090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32 0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00 0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00 0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 160: 00 00 00 00 00 00 00 00 00 00 82 00 B0 22 01 7B 170: 03 00 01 00 02 5A 05 00 00 00 00 00 00 00 00 00 180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A0: 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3D -- SMART_READ_THRESHOLD ---------------------------------------------------- +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F 000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15 010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00 030: 00 00 07 00 64 64 00 00 00 00 00 00 00 00 09 00 040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00 050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00 060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00 070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00 080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00 0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00 0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 
----------------------------------------------------------------------------
(3) WDC WD5000AAVS-00ZTB0
----------------------------------------------------------------------------
Model : WDC WD5000AAVS-00ZTB0
Firmware : 01.01B01
Serial Number : WD-WCASU0826648
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Unbekannt
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 29597 Std.
Power On Count : 1868 mal
Temperature : 33 C (91 F)
Health Status : Gut
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Lesefehlerrate
03 165 162 _21 00000000128E Mittlere Anlaufzeit
04 _91 _91 __0 000000002437 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 100 253 _51 000000000000 Suchfehler
09 _60 _60 __0 00000000739D Betriebsstunden
0A 100 100 _51 000000000000 Misslungene Spindelanläufe
0B 100 100 _51 000000000000 Nnotwendige Rekalibrierungen
0C _99 _99 __0 00000000074C Geräte-Einschaltvorgänge
C0 200 200 __0 0000000000B3 Ausschaltungsabbrüche
C1 180 180 __0 00000000F608 Laden/Entladen-Zyklen
C2 114 _97 __0 000000000021 Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 _51 000000000000 Schreibfehlerrate
Now I have set up the second account accordingly, and it looks very much like an intended extension in Chrome. The Internet errors are currently no longer occurring either. Regards, verrant |
28.10.2015, 08:56 | #10 |
/// the machine /// TB instructor | Misclick at ww1.virus-total. de ee OK, the disk looks fine too. RAM can be tested with Memtest86+; there are also plenty of good guides for that online
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
29.10.2015, 19:43 | #11 |
| Misclick at ww1.virus-total. de ee Hi schrauber. I need until Sunday to reply to that in concrete terms. OK? Best regards, verrant |
30.10.2015, 18:10 | #12 |
/// the machine /// TB instructor | Misclick at ww1.virus-total. de ee No problem
__________________ Regards, schrauber |
01.11.2015, 12:42 | #13 |
| Misclick at ww1.virus-total. de ee Hi Schrauber. memtest86+ and other RAM testers need the machine for several days to allow a truly reliable result. Unfortunately, I cannot do without this computer for that long at the moment. Regarding Chrome, I have the following observation to add: setting up a second user at a friend's place brought up the same 3 add-ons. They were offered but could be deselected without any problem. So I think this really is a standard Google function when an additional user is set up for Chrome. That makes this topic settled for me. As for "strange" observations, I have nothing more to report right now. What remains is my wish to trust the router again. Whether anything is there, I don't know. I still don't trust the "peace". Best regards, verrant |
02.11.2015, 19:12 | #14 |
/// the machine /// TB instructor | Misclick at ww1.virus-total. de ee There is nothing more you can do than reset the router to factory settings, followed of course by checking for a firmware update.
__________________ Regards, schrauber |
03.11.2015, 18:47 | #15 |
| Misclick at ww1.virus-total. de ee Hi Schrauber. OK ... I'll do that next. Is there anything still open on your side? If not, I would like to keep testing until Friday to see whether anything unusual turns up. Best regards, verrant |